netfilter: ipset: refactor deprecated strncpy

Use `strscpy_pad` instead of `strncpy`.

Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Justin Stitt <justinstitt@google.com>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/kernel/net/netfilter/ipset/ip_set_core.c b/kernel/net/netfilter/ipset/ip_set_core.c
index 1f5df50165a88f68cc00d1f73c3c7718694d9e2c..1a647c54ff653c4c6364ba27b29400be8fce2023 100644 (file)
--- a/kernel/net/netfilter/ipset/ip_set_core.c
+++ b/kernel/net/netfilter/ipset/ip_set_core.c
@@ -873,7 +873,7 @@ ip_set_name_byindex(struct net *net, ip_set_id_t index, char *name)
        BUG_ON(!set);
 
        read_lock_bh(&ip_set_ref_lock);
-       strncpy(name, set->name, IPSET_MAXNAMELEN);
+       strscpy_pad(name, set->name, IPSET_MAXNAMELEN);
        read_unlock_bh(&ip_set_ref_lock);
 }
 EXPORT_SYMBOL_GPL(ip_set_name_byindex);
@@ -1348,11 +1348,11 @@ IPSET_CBFN(ip_set_rename, struct net *net, struct sock *ctnl,
                        goto out;
                }
        }
-       ret = strscpy(set->name, name2, IPSET_MAXNAMELEN);
+       strscpy_pad(set->name, name2, IPSET_MAXNAMELEN);
 
 out:
        write_unlock_bh(&ip_set_ref_lock);
-       return ret < 0 ? ret : 0;
+       return ret;
 }
 
 /* Swap two sets so that name/index points to the other.
@@ -1406,9 +1406,9 @@ IPSET_CBFN(ip_set_swap, struct net *net, struct sock *ctnl,
                return -EBUSY;
        }
 
-       strncpy(from_name, from->name, IPSET_MAXNAMELEN);
-       strncpy(from->name, to->name, IPSET_MAXNAMELEN);
-       strncpy(to->name, from_name, IPSET_MAXNAMELEN);
+       strscpy_pad(from_name, from->name, IPSET_MAXNAMELEN);
+       strscpy_pad(from->name, to->name, IPSET_MAXNAMELEN);
+       strscpy_pad(to->name, from_name, IPSET_MAXNAMELEN);
 
        swap(from->ref, to->ref);
        ip_set(inst, from_id) = to;