fs: exfat: Use strncpy() and bail on too long filenames

In case the filename is too long, longer than PATH_MAX - 1, it
would overflow dirs->dirname array. Add missing check and also
use strncpy() to prevent the overflow in any case.

Fixes CID 550305:  Security best practices violations  (STRING_OVERFLOW)

Signed-off-by: Marek Vasut <marex@denx.de>

diff --git a/fs/exfat/io.c b/fs/exfat/io.c
index c56f56759875ec426a5abdf8c5d4d3d1b2805ece..77cd2dfb6dc945cad72f61a2011cb0cee97c9ae3 100644 (file)
--- a/fs/exfat/io.c
+++ b/fs/exfat/io.c
@@ -720,6 +720,9 @@ int exfat_fs_opendir(const char *filename, struct fs_dir_stream **dirsp)
        struct exfat_node *dnode;
        int err;
 
+       if (strlen(filename) >= PATH_MAX)
+               return -ENAMETOOLONG;
+
        err = exfat_lookup_realpath(&ctxt.ef, &dnode, filename);
        if (err)
                return err;
@@ -736,7 +739,7 @@ int exfat_fs_opendir(const char *filename, struct fs_dir_stream **dirsp)
        if (!dirs)
                return -ENOMEM;
 
-       strcpy(dirs->dirname, filename);
+       strncpy(dirs->dirname, filename, PATH_MAX - 1);
        dirs->offset = -1;
 
        *dirsp = &dirs->fs_dirs;