btrfs: replace strcpy() with strscpy()

strcpy() is discouraged from use due to lack of bounds checking.
Replaces it with strscpy(), the recommended alternative for null
terminated strings, to follow best practices.

There are instances where strscpy() cannot be used such as where both
the source and destination are character pointers. In that instance we
can use sysfs_emit().

Link: https://github.com/KSPP/linux/issues/88
Suggested-by: Anthony Iliopoulos <ailiop@suse.com>
Signed-off-by: Brahmajit Das <bdas@suse.de>
Reviewed-by: David Sterba <dsterba@suse.com>
Signed-off-by: David Sterba <dsterba@suse.com>

diff --git a/fs/btrfs/ioctl.c b/fs/btrfs/ioctl.c
index 3621ed2eacd170b24089d616a360c5e6f4248ab8..c49df25be7da6568e01f3bfcf5b29d7504f803d7 100644 (file)
--- a/fs/btrfs/ioctl.c
+++ b/fs/btrfs/ioctl.c
@@ -4199,7 +4199,7 @@ static int btrfs_ioctl_set_fslabel(struct file *file, void __user *arg)
        }
 
        spin_lock(&fs_info->super_lock);
-       strcpy(super_block->label, label);
+       strscpy(super_block->label, label);
        spin_unlock(&fs_info->super_lock);
        ret = btrfs_commit_transaction(trans);
 

diff --git a/fs/btrfs/relocation.c b/fs/btrfs/relocation.c
index 82080fecffa2c11f1c58e911e24c8df3ac244566..175fc3acc38b77482f776ead7a16d0cbb952f1db 100644 (file)
--- a/fs/btrfs/relocation.c
+++ b/fs/btrfs/relocation.c
@@ -3888,7 +3888,7 @@ static void free_reloc_control(struct reloc_control *rc)
  */
 static void describe_relocation(struct btrfs_block_group *block_group)
 {
-       char buf[128] = {'\0'};
+       char buf[128] = "NONE";
 
        btrfs_describe_block_groups(block_group->flags, buf, sizeof(buf));
 

diff --git a/fs/btrfs/send.c b/fs/btrfs/send.c
index a045c1be49baf9e5e960c712c9a24cde773e9522..01aab5b7c93a648667ee9cca55b19aecbc9b79ea 100644 (file)
--- a/fs/btrfs/send.c
+++ b/fs/btrfs/send.c
@@ -758,7 +758,7 @@ static int send_header(struct send_ctx *sctx)
 {
        struct btrfs_stream_header hdr;
 
-       strcpy(hdr.magic, BTRFS_SEND_STREAM_MAGIC);
+       strscpy(hdr.magic, BTRFS_SEND_STREAM_MAGIC);
        hdr.version = cpu_to_le32(sctx->proto);
        return write_buf(sctx->send_filp, &hdr, sizeof(hdr),
                                        &sctx->send_off);

diff --git a/fs/btrfs/volumes.c b/fs/btrfs/volumes.c
index c99aec904e161627ac10ebdcde21dfe0c58502bc..714ebbd25c1e9ef400883edf4a9837a5651959d1 100644 (file)
--- a/fs/btrfs/volumes.c
+++ b/fs/btrfs/volumes.c
@@ -214,10 +214,8 @@ void btrfs_describe_block_groups(u64 bg_flags, char *buf, u32 size_buf)
        u64 flags = bg_flags;
        u32 size_bp = size_buf;
 
-       if (!flags) {
-               strcpy(bp, "NONE");
+       if (!flags)
                return;
-       }
 
 #define DESCRIBE_FLAG(flag, desc)                                              \
        do {                                                            \

diff --git a/fs/btrfs/xattr.c b/fs/btrfs/xattr.c
index 3e0edbcf73e106d47cc201b1a85de9d90f65a368..79fb1614bd0c355e0dac9ab7a8487ee30a5e69d7 100644 (file)
--- a/fs/btrfs/xattr.c
+++ b/fs/btrfs/xattr.c
@@ -510,14 +510,15 @@ static int btrfs_initxattrs(struct inode *inode,
         */
        nofs_flag = memalloc_nofs_save();
        for (xattr = xattr_array; xattr->name != NULL; xattr++) {
-               name = kmalloc(XATTR_SECURITY_PREFIX_LEN +
-                              strlen(xattr->name) + 1, GFP_KERNEL);
+               const size_t name_len = XATTR_SECURITY_PREFIX_LEN +
+                                       strlen(xattr->name) + 1;
+
+               name = kmalloc(name_len, GFP_KERNEL);
                if (!name) {
                        ret = -ENOMEM;
                        break;
                }
-               strcpy(name, XATTR_SECURITY_PREFIX);
-               strcpy(name + XATTR_SECURITY_PREFIX_LEN, xattr->name);
+               scnprintf(name, name_len, "%s%s", XATTR_SECURITY_PREFIX, xattr->name);
 
                if (strcmp(name, XATTR_NAME_CAPS) == 0)
                        clear_bit(BTRFS_INODE_NO_CAP_XATTR, &BTRFS_I(inode)->runtime_flags);