From: Thorsten Blum Date: Thu, 16 Oct 2025 15:41:10 +0000 (+0200) Subject: apparmor: Replace deprecated strcpy with memcpy in gen_symlink_name X-Git-Tag: v7.0-rc1~35^2~28 X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=1c90ed1f14c9892c24d5252a2966470f4937f7a2;p=thirdparty%2Flinux.git apparmor: Replace deprecated strcpy with memcpy in gen_symlink_name strcpy() is deprecated; use memcpy() instead. Unlike strcpy(), memcpy() does not copy the NUL terminator from the source string, which would be overwritten anyway on every iteration when using strcpy(). snprintf() then ensures that 'char *s' is NUL-terminated. Replace the hard-coded path length to remove the magic number 6, and add a comment explaining the extra 11 bytes. Closes: https://github.com/KSPP/linux/issues/88 Signed-off-by: Thorsten Blum Signed-off-by: John Johansen --- diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c index 907bd2667e28..91c1fcb78ac8 100644 --- a/security/apparmor/apparmorfs.c +++ b/security/apparmor/apparmorfs.c @@ -1607,16 +1607,20 @@ static char *gen_symlink_name(int depth, const char *dirname, const char *fname) { char *buffer, *s; int error; - int size = depth * 6 + strlen(dirname) + strlen(fname) + 11; + const char *path = "../../"; + size_t path_len = strlen(path); + int size; + /* Extra 11 bytes: "raw_data" (9) + two slashes "//" (2) */ + size = depth * path_len + strlen(dirname) + strlen(fname) + 11; s = buffer = kmalloc(size, GFP_KERNEL); if (!buffer) return ERR_PTR(-ENOMEM); for (; depth > 0; depth--) { - strcpy(s, "../../"); - s += 6; - size -= 6; + memcpy(s, path, path_len); + s += path_len; + size -= path_len; } error = snprintf(s, size, "raw_data/%s/%s", dirname, fname);