Message ID | 20231009-strncpy-drivers-net-dsa-realtek-rtl8365mb-c-v1-1-0537fe9fb08c@google.com |
---|---|
State | New |
Headers |
Return-Path: <linux-kernel-owner@vger.kernel.org> Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:a888:0:b0:403:3b70:6f57 with SMTP id x8csp2158071vqo; Mon, 9 Oct 2023 15:44:19 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEIX2go870NmWKTE4WoCr08Ic8CJqy3YYuAA5vOHDqnjG9+uax7YDiZRMk9iUkccxiUyoGD X-Received: by 2002:a17:90a:d707:b0:27c:e74a:a4b1 with SMTP id y7-20020a17090ad70700b0027ce74aa4b1mr279591pju.36.1696891459663; Mon, 09 Oct 2023 15:44:19 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1696891459; cv=none; d=google.com; s=arc-20160816; b=a6rV9/3pRi1Nbm0c9uShd0e2E0NM3BiaUuGpV3Rtixwr4edsZgkuT55ZsDNGHVbR4f XG9pMm8iy/4pZnZRhtKC/4rigptK7I2MDjVE9/q1Qs5/VVEkqc7DWfCqXeVpXFEE4qAh tNinVKTnUS5t5ne/RQ1hV1bKkD8KSKCNGBP9iibfXEDP5YgVJIQ1nyHRYFwV0zSbz0s+ FQlVo/pbVL4K9Uf9qjl1JQQF0Hm8Sfl7Zn139YXITCJGDUOUKqsPl86ccSLsCsFcMwkZ tuYkCmu/NcnIQNbUIpSL7Yn799SzOpwGuvmJgYnUDJZBk+abWADLO7tLAGWF3BOlWsaz +3xA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:from:subject:message-id:mime-version:date :dkim-signature; bh=lcEkRtI6p90rXcCOvkouPghb3M9m0aVLP4AHp4xDips=; fh=GwK11QuIe+n7JbVKLoEM7AfDJaUz/IDzceyzI5NNgS8=; b=pbUyChsKJmJXGNgVvkmafNJIZRTMdZ7QUE1xO3fuAR5NS+ifQaoVFn6uG2zy5bDEp9 nj+39okaDRuvRWE/y9vNBGKvX0x6L9jRRR87LXKeiIiqqaXiXZMv6xrFY0SA89Xcccg1 +tUYsBmjcO9Ifn2xziLjwx+NfRdANO/7GSvj88CJyExWgiDKMXC4FNuc6JBu9T7ZrRly /X88lpjfimf89Ah9RqPbfAiobQYE3/Q65RtFqBpUofLF30GBKOqG9dbGVszBobIyCmTO oCEt9Yh4Wmn+/Rx/EdePZm2zRDw7grE44wbVHRD3sySo6pguvqC9bkQlgSE69P1wFUz9 oztg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=Rwa4I42W; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from agentk.vger.email (agentk.vger.email. [23.128.96.32]) by mx.google.com with ESMTPS id ha22-20020a17090af3d600b0027b123fbe9dsi10405497pjb.156.2023.10.09.15.44.19 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Mon, 09 Oct 2023 15:44:19 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) client-ip=23.128.96.32; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20230601 header.b=Rwa4I42W; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.32 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by agentk.vger.email (Postfix) with ESMTP id 1F6AC80B5A29; Mon, 9 Oct 2023 15:44:17 -0700 (PDT) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.10 at agentk.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1378916AbjJIWoF (ORCPT <rfc822;makky5685@gmail.com> + 19 others); Mon, 9 Oct 2023 18:44:05 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:56034 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1378893AbjJIWoC (ORCPT <rfc822;linux-kernel@vger.kernel.org>); Mon, 9 Oct 2023 18:44:02 -0400 Received: from mail-yw1-x114a.google.com (mail-yw1-x114a.google.com [IPv6:2607:f8b0:4864:20::114a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 3AC049E for <linux-kernel@vger.kernel.org>; Mon, 9 Oct 2023 15:44:01 -0700 (PDT) Received: by mail-yw1-x114a.google.com with SMTP id 00721157ae682-5a7b3ae01c0so8479597b3.3 for <linux-kernel@vger.kernel.org>; Mon, 09 Oct 2023 15:44:01 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20230601; t=1696891440; x=1697496240; darn=vger.kernel.org; h=cc:to:from:subject:message-id:mime-version:date:from:to:cc:subject :date:message-id:reply-to; bh=lcEkRtI6p90rXcCOvkouPghb3M9m0aVLP4AHp4xDips=; b=Rwa4I42WxiXXdptfUjSOUyqNZhDMOnOI1l+KC1YWHpvGJDOs3o17zdVc5WqhTsapfk ao99ZcqBhVR5+QVPTGcaozDvyDqEh6/C6nExnGFY7MsqUwj85VcrnAjJH6bqxqkqChTi OGEfpoPmbqez+38JL6xq9RUSrraHwKJ8Tjwjql/ODJt1/4k7SsCp15mL0vTJfjB+GSDZ x/1Lkklz3prHhrjlvsOU03vL9XpiMvnUbApv8zCyqIqwrtZWRECR7xQpRMN/FtCJauPL iZn3VqmxtIDxDbJ49LmpkiWZ/vpjWsQdbFETqwKWFpKZAKOm72JMTW8FXtg0j79iQUkw SD3Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1696891440; x=1697496240; h=cc:to:from:subject:message-id:mime-version:date:x-gm-message-state :from:to:cc:subject:date:message-id:reply-to; bh=lcEkRtI6p90rXcCOvkouPghb3M9m0aVLP4AHp4xDips=; b=dH8Izq7vDo9SD5TasqEZ2XXxYexnMXaOgBip/x3EyfobGa7IyMTWxCy/T+ZazhHMtK j4GLh/dhCJOs+riXANkr8imGXw3aWRsH/p2pd2rc+cwNkps2wRT1rO3tCvBeID3BnODn 8qE94W7vlHHtosaLon5bYpaUUZRc+JxEoE4CR/iWujPxZtiWUa+OmJ0wemwGNi3B4q6R LLCmtEOfb3hoesnpFAC2IMefjf1bPq3xc9MVd1sjqxzgMiXAZy5kspswQl/kEzRvAGO8 Fh+PTG3aTFxe9oZLasrgejNPQs7KsRWK63CiP7wfhAbIede0G7sZ7i4bSw8Hbuatw3OM BLYA== X-Gm-Message-State: AOJu0Yz6h6Cg8+AOjvzevIM6XJxMrftx67S5mv6eAR4e6MutsPzFBSYi gyVJU3FlzzpJEu9jrMfiqpbyUJbCPdhyuZR+8w== X-Received: from jstitt-linux1.c.googlers.com ([fda3:e722:ac3:cc00:2b:ff92:c0a8:23b5]) (user=justinstitt job=sendgmr) by 2002:a25:c3:0:b0:d9a:45e7:b8bc with SMTP id 186-20020a2500c3000000b00d9a45e7b8bcmr25189yba.4.1696891440537; Mon, 09 Oct 2023 15:44:00 -0700 (PDT) Date: Mon, 09 Oct 2023 22:43:59 +0000 Mime-Version: 1.0 X-B4-Tracking: v=1; b=H4sIAC6CJGUC/x3NTQrCQAxA4auUrA0krRb1KuJifqIG61iSoSild 3dw+W3eW8HFVBzO3Qomi7q+SwPvOkiPUO6Cmpuhp35gohN6tZLmL2bTRcyxSMXsAU3CVOWJVqf jMB5eERPGyDTKPjFTglacTW76+d8u1237AVexKdp9AAAA X-Developer-Key: i=justinstitt@google.com; a=ed25519; pk=tC3hNkJQTpNX/gLKxTNQKDmiQl6QjBNCGKJINqAdJsE= X-Developer-Signature: v=1; a=ed25519-sha256; t=1696891439; l=1543; i=justinstitt@google.com; s=20230717; h=from:subject:message-id; bh=t6ppbaGIRSBsCeLAwhf3icSi3QggQapCJpuQhPkWhCk=; b=FWHhhun5aGED0QoILNdMciMZW3HTaYxCbuwQE2GB9YVe3/t5D443MOnBAm6QN6t6igpdopFpI UblLVj3B+mDBhtxxWYA5eMKhHFTTQGn4GjNgywTjOiej/yfypbDcEFq X-Mailer: b4 0.12.3 Message-ID: <20231009-strncpy-drivers-net-dsa-realtek-rtl8365mb-c-v1-1-0537fe9fb08c@google.com> Subject: [PATCH] net: dsa: realtek: rtl8365mb: replace deprecated strncpy with ethtool_sprintf From: Justin Stitt <justinstitt@google.com> To: Linus Walleij <linus.walleij@linaro.org>, " =?utf-8?q?Alvin_=C5=A0ipraga?= " <alsi@bang-olufsen.dk>, Andrew Lunn <andrew@lunn.ch>, Florian Fainelli <f.fainelli@gmail.com>, Vladimir Oltean <olteanv@gmail.com>, "David S. Miller" <davem@davemloft.net>, Eric Dumazet <edumazet@google.com>, Jakub Kicinski <kuba@kernel.org>, Paolo Abeni <pabeni@redhat.com> Cc: netdev@vger.kernel.org, linux-kernel@vger.kernel.org, linux-hardening@vger.kernel.org, Justin Stitt <justinstitt@google.com> Content-Type: text/plain; charset="utf-8" X-Spam-Status: No, score=-4.8 required=5.0 tests=DKIMWL_WL_MED,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,RCVD_IN_SBL_CSS,SPF_HELO_NONE,SPF_PASS, USER_IN_DEF_DKIM_WL autolearn=no autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on agentk.vger.email Precedence: bulk List-ID: <linux-kernel.vger.kernel.org> X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (agentk.vger.email [0.0.0.0]); Mon, 09 Oct 2023 15:44:17 -0700 (PDT) X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1779319659618423524 X-GMAIL-MSGID: 1779319659618423524 |
Series |
net: dsa: realtek: rtl8365mb: replace deprecated strncpy with ethtool_sprintf
|
|
Commit Message
Justin Stitt
Oct. 9, 2023, 10:43 p.m. UTC
`strncpy` is deprecated for use on NUL-terminated destination strings
[1] and as such we should prefer more robust and less ambiguous string
interfaces.
ethtool_sprintf() is designed specifically for get_strings() usage.
Let's replace strncpy in favor of this more robust and easier to
understand interface.
Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1]
Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2]
Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Justin Stitt <justinstitt@google.com>
---
Note: build-tested only.
---
drivers/net/dsa/realtek/rtl8365mb.c | 3 +--
1 file changed, 1 insertion(+), 2 deletions(-)
---
base-commit: cbf3a2cb156a2c911d8f38d8247814b4c07f49a2
change-id: 20231009-strncpy-drivers-net-dsa-realtek-rtl8365mb-c-bb106e4c110c
Best regards,
--
Justin Stitt <justinstitt@google.com>
Comments
On 10/9/23 15:43, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > ethtool_sprintf() is designed specifically for get_strings() usage. > Let's replace strncpy in favor of this more robust and easier to > understand interface. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Florian Fainelli <florian.fainelli@broadcom.com>
On Mon, Oct 09, 2023 at 10:43:59PM +0000, Justin Stitt wrote: > [You don't often get email from justinstitt@google.com. Learn why this is important at https://aka.ms/LearnAboutSenderIdentification ] > > `strncpy` is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > ethtool_sprintf() is designed specifically for get_strings() usage. > Let's replace strncpy in favor of this more robust and easier to > understand interface. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt <justinstitt@google.com> Reviewed-by: Alvin Šipraga <alsi@bang-olufsen.dk> > --- > Note: build-tested only. > --- > drivers/net/dsa/realtek/rtl8365mb.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/drivers/net/dsa/realtek/rtl8365mb.c b/drivers/net/dsa/realtek/rtl8365mb.c > index 41ea3b5a42b1..d171c18dd354 100644 > --- a/drivers/net/dsa/realtek/rtl8365mb.c > +++ b/drivers/net/dsa/realtek/rtl8365mb.c > @@ -1303,8 +1303,7 @@ static void rtl8365mb_get_strings(struct dsa_switch *ds, int port, u32 stringset > > for (i = 0; i < RTL8365MB_MIB_END; i++) { > struct rtl8365mb_mib_counter *mib = &rtl8365mb_mib_counters[i]; > - > - strncpy(data + i * ETH_GSTRING_LEN, mib->name, ETH_GSTRING_LEN); > + ethtool_sprintf(&data, "%s", mib->name); > } > } > > > --- > base-commit: cbf3a2cb156a2c911d8f38d8247814b4c07f49a2 > change-id: 20231009-strncpy-drivers-net-dsa-realtek-rtl8365mb-c-bb106e4c110c > > Best regards, > -- > Justin Stitt <justinstitt@google.com> >
Hello Justin, On Mon, Oct 09, 2023 at 10:43:59PM +0000, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > ethtool_sprintf() is designed specifically for get_strings() usage. > Let's replace strncpy in favor of this more robust and easier to > understand interface. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt <justinstitt@google.com> > --- > Note: build-tested only. > --- > drivers/net/dsa/realtek/rtl8365mb.c | 3 +-- > 1 file changed, 1 insertion(+), 2 deletions(-) > > diff --git a/drivers/net/dsa/realtek/rtl8365mb.c b/drivers/net/dsa/realtek/rtl8365mb.c > index 41ea3b5a42b1..d171c18dd354 100644 > --- a/drivers/net/dsa/realtek/rtl8365mb.c > +++ b/drivers/net/dsa/realtek/rtl8365mb.c > @@ -1303,8 +1303,7 @@ static void rtl8365mb_get_strings(struct dsa_switch *ds, int port, u32 stringset > > for (i = 0; i < RTL8365MB_MIB_END; i++) { > struct rtl8365mb_mib_counter *mib = &rtl8365mb_mib_counters[i]; > - > - strncpy(data + i * ETH_GSTRING_LEN, mib->name, ETH_GSTRING_LEN); > + ethtool_sprintf(&data, "%s", mib->name); Is there any particular reason why you opted for the "%s" printf format specifier when you could have simply given mib->name as the single argument? This comment applies to all the ethtool_sprintf() patches you've submitted.
On Tue, Oct 10, 2023 at 4:07 AM Vladimir Oltean <olteanv@gmail.com> wrote: > > Hello Justin, > > On Mon, Oct 09, 2023 at 10:43:59PM +0000, Justin Stitt wrote: > > `strncpy` is deprecated for use on NUL-terminated destination strings > > [1] and as such we should prefer more robust and less ambiguous string > > interfaces. > > > > ethtool_sprintf() is designed specifically for get_strings() usage. > > Let's replace strncpy in favor of this more robust and easier to > > understand interface. > > > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > > Link: https://github.com/KSPP/linux/issues/90 > > Cc: linux-hardening@vger.kernel.org > > Signed-off-by: Justin Stitt <justinstitt@google.com> > > --- > > Note: build-tested only. > > --- > > drivers/net/dsa/realtek/rtl8365mb.c | 3 +-- > > 1 file changed, 1 insertion(+), 2 deletions(-) > > > > diff --git a/drivers/net/dsa/realtek/rtl8365mb.c b/drivers/net/dsa/realtek/rtl8365mb.c > > index 41ea3b5a42b1..d171c18dd354 100644 > > --- a/drivers/net/dsa/realtek/rtl8365mb.c > > +++ b/drivers/net/dsa/realtek/rtl8365mb.c > > @@ -1303,8 +1303,7 @@ static void rtl8365mb_get_strings(struct dsa_switch *ds, int port, u32 stringset > > > > for (i = 0; i < RTL8365MB_MIB_END; i++) { > > struct rtl8365mb_mib_counter *mib = &rtl8365mb_mib_counters[i]; > > - > > - strncpy(data + i * ETH_GSTRING_LEN, mib->name, ETH_GSTRING_LEN); > > + ethtool_sprintf(&data, "%s", mib->name); > > Is there any particular reason why you opted for the "%s" printf format > specifier when you could have simply given mib->name as the single > argument? This comment applies to all the ethtool_sprintf() patches > you've submitted. Yeah, it causes a -Wformat-security warning for me. I briefly mentioned it in one of my first patches like this [1]. [1]: https://lore.kernel.org/all/20231005-strncpy-drivers-net-dsa-lan9303-core-c-v2-1-feb452a532db@google.com/
On Tue, Oct 10, 2023 at 10:36 AM Justin Stitt <justinstitt@google.com> wrote: > > On Tue, Oct 10, 2023 at 4:07 AM Vladimir Oltean <olteanv@gmail.com> wrote: > > > > Hello Justin, > > > > On Mon, Oct 09, 2023 at 10:43:59PM +0000, Justin Stitt wrote: > > > `strncpy` is deprecated for use on NUL-terminated destination strings > > > [1] and as such we should prefer more robust and less ambiguous string > > > interfaces. > > > > > > ethtool_sprintf() is designed specifically for get_strings() usage. > > > Let's replace strncpy in favor of this more robust and easier to > > > understand interface. > > > > > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > > > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > > > Link: https://github.com/KSPP/linux/issues/90 > > > Cc: linux-hardening@vger.kernel.org > > > Signed-off-by: Justin Stitt <justinstitt@google.com> > > > --- > > > Note: build-tested only. > > > --- > > > drivers/net/dsa/realtek/rtl8365mb.c | 3 +-- > > > 1 file changed, 1 insertion(+), 2 deletions(-) > > > > > > diff --git a/drivers/net/dsa/realtek/rtl8365mb.c b/drivers/net/dsa/realtek/rtl8365mb.c > > > index 41ea3b5a42b1..d171c18dd354 100644 > > > --- a/drivers/net/dsa/realtek/rtl8365mb.c > > > +++ b/drivers/net/dsa/realtek/rtl8365mb.c > > > @@ -1303,8 +1303,7 @@ static void rtl8365mb_get_strings(struct dsa_switch *ds, int port, u32 stringset > > > > > > for (i = 0; i < RTL8365MB_MIB_END; i++) { > > > struct rtl8365mb_mib_counter *mib = &rtl8365mb_mib_counters[i]; > > > - > > > - strncpy(data + i * ETH_GSTRING_LEN, mib->name, ETH_GSTRING_LEN); > > > + ethtool_sprintf(&data, "%s", mib->name); > > > > Is there any particular reason why you opted for the "%s" printf format > > specifier when you could have simply given mib->name as the single > > argument? This comment applies to all the ethtool_sprintf() patches > > you've submitted. > > Yeah, it causes a -Wformat-security warning for me. I briefly mentioned it > in one of my first patches like this [1]. For more context, here's some warnings in the wild: https://lore.kernel.org/netdev/20231003183603.3887546-3-jesse.brandeburg@intel.com/ > > [1]: https://lore.kernel.org/all/20231005-strncpy-drivers-net-dsa-lan9303-core-c-v2-1-feb452a532db@google.com/
On Tue, Oct 10, 2023 at 02:48:07PM -0700, Justin Stitt wrote: > On Tue, Oct 10, 2023 at 10:36 AM Justin Stitt <justinstitt@google.com> wrote: > > > Is there any particular reason why you opted for the "%s" printf format > > > specifier when you could have simply given mib->name as the single > > > argument? This comment applies to all the ethtool_sprintf() patches > > > you've submitted. > > > > Yeah, it causes a -Wformat-security warning for me. I briefly mentioned it > > in one of my first patches like this [1]. > > For more context, here's some warnings in the wild: > https://lore.kernel.org/netdev/20231003183603.3887546-3-jesse.brandeburg@intel.com/ > > > > > [1]: https://lore.kernel.org/all/20231005-strncpy-drivers-net-dsa-lan9303-core-c-v2-1-feb452a532db@google.com/ Yeah, ok. It's a false positive warning, but I guess it would be too hard for the compiler to figure that out.
On Mon, Oct 09, 2023 at 10:43:59PM +0000, Justin Stitt wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > ethtool_sprintf() is designed specifically for get_strings() usage. > Let's replace strncpy in favor of this more robust and easier to > understand interface. > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@vger.kernel.org > Signed-off-by: Justin Stitt <justinstitt@google.com> > --- Reviewed-by: Vladimir Oltean <vladimir.oltean@nxp.com>
On Tue, Oct 10, 2023 at 02:07:17PM +0300, Vladimir Oltean wrote: > Hello Justin, > > On Mon, Oct 09, 2023 at 10:43:59PM +0000, Justin Stitt wrote: > > `strncpy` is deprecated for use on NUL-terminated destination strings > > [1] and as such we should prefer more robust and less ambiguous string > > interfaces. > > > > ethtool_sprintf() is designed specifically for get_strings() usage. > > Let's replace strncpy in favor of this more robust and easier to > > understand interface. > > > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > > Link: https://manpages.debian.org/testing/linux-manual-4.8/strscpy.9.en.html [2] > > Link: https://github.com/KSPP/linux/issues/90 > > Cc: linux-hardening@vger.kernel.org > > Signed-off-by: Justin Stitt <justinstitt@google.com> > > --- > > Note: build-tested only. > > --- > > drivers/net/dsa/realtek/rtl8365mb.c | 3 +-- > > 1 file changed, 1 insertion(+), 2 deletions(-) > > > > diff --git a/drivers/net/dsa/realtek/rtl8365mb.c b/drivers/net/dsa/realtek/rtl8365mb.c > > index 41ea3b5a42b1..d171c18dd354 100644 > > --- a/drivers/net/dsa/realtek/rtl8365mb.c > > +++ b/drivers/net/dsa/realtek/rtl8365mb.c > > @@ -1303,8 +1303,7 @@ static void rtl8365mb_get_strings(struct dsa_switch *ds, int port, u32 stringset > > > > for (i = 0; i < RTL8365MB_MIB_END; i++) { > > struct rtl8365mb_mib_counter *mib = &rtl8365mb_mib_counters[i]; > > - > > - strncpy(data + i * ETH_GSTRING_LEN, mib->name, ETH_GSTRING_LEN); > > + ethtool_sprintf(&data, "%s", mib->name); > > Is there any particular reason why you opted for the "%s" printf format > specifier when you could have simply given mib->name as the single > argument? This comment applies to all the ethtool_sprintf() patches > you've submitted. The primary reason is that without the "%s", any format specifiers in mib->name will be processed by sprintf(), which could lead to very unexpected results. One never wants to just pass a string directly to the sprintf-family of functions for this reason. "%s" is needed to keep things safe. -Kees
Hello: This patch was applied to netdev/net-next.git (main) by Jakub Kicinski <kuba@kernel.org>: On Mon, 09 Oct 2023 22:43:59 +0000 you wrote: > `strncpy` is deprecated for use on NUL-terminated destination strings > [1] and as such we should prefer more robust and less ambiguous string > interfaces. > > ethtool_sprintf() is designed specifically for get_strings() usage. > Let's replace strncpy in favor of this more robust and easier to > understand interface. > > [...] Here is the summary with links: - net: dsa: realtek: rtl8365mb: replace deprecated strncpy with ethtool_sprintf https://git.kernel.org/netdev/net-next/c/e5f061d5e340 You are awesome, thank you!
diff --git a/drivers/net/dsa/realtek/rtl8365mb.c b/drivers/net/dsa/realtek/rtl8365mb.c index 41ea3b5a42b1..d171c18dd354 100644 --- a/drivers/net/dsa/realtek/rtl8365mb.c +++ b/drivers/net/dsa/realtek/rtl8365mb.c @@ -1303,8 +1303,7 @@ static void rtl8365mb_get_strings(struct dsa_switch *ds, int port, u32 stringset for (i = 0; i < RTL8365MB_MIB_END; i++) { struct rtl8365mb_mib_counter *mib = &rtl8365mb_mib_counters[i]; - - strncpy(data + i * ETH_GSTRING_LEN, mib->name, ETH_GSTRING_LEN); + ethtool_sprintf(&data, "%s", mib->name); } }