Open JustinStitt opened 11 months ago
This runs parallel to #90 in that we want to remove this strncpy call in favor of a less ambiguous and more robust api like strscpy or strtomem.
strncpy
strscpy
strtomem
There is a pathological class of strncpy_from_user() functions which you can see here:
strncpy_from_user()
https://elixir.bootlin.com/linux/v6.3/source/arch/um/kernel/skas/uaccess.c#L168
Kees had some insights:
It looks like strncpy_from_user() is a confusingly named string copier for crossing kernel/user memory boundary, but it's named badly because it does not NUL-pad the destination, but it does NOT guarantee NUL-termination. Grrrr.
This runs parallel to #90 in that we want to remove this
strncpycall in favor of a less ambiguous and more robust api likestrscpyorstrtomem.There is a pathological class of
strncpy_from_user()functions which you can see here:https://elixir.bootlin.com/linux/v6.3/source/arch/um/kernel/skas/uaccess.c#L168
Kees had some insights: