From f4e335f34519ba8e1271f779a7bc7db168e4488d Mon Sep 17 00:00:00 2001 From: Kees Cook Date: Wed, 16 Feb 2022 12:25:48 -0800 Subject: [PATCH] lkdtm/fortify: Swap memcpy() for strncpy() The memcpy() runtime defenses are still not landed, so test with strncpy() for now. Cc: Arnd Bergmann Cc: Greg Kroah-Hartman Reported-by: Muhammad Usama Anjum Reviewed-by: Muhammad Usama Anjum Signed-off-by: Kees Cook Link: https://lore.kernel.org/r/20220216202548.2093883-1-keescook@chromium.org Signed-off-by: Greg Kroah-Hartman --- drivers/misc/lkdtm/fortify.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/drivers/misc/lkdtm/fortify.c b/drivers/misc/lkdtm/fortify.c index d06458a4858e4a..ab33bb5e2e7afa 100644 --- a/drivers/misc/lkdtm/fortify.c +++ b/drivers/misc/lkdtm/fortify.c @@ -44,14 +44,14 @@ void lkdtm_FORTIFIED_SUBOBJECT(void) strscpy(src, "over ten bytes", size); size = strlen(src) + 1; - pr_info("trying to strcpy past the end of a member of a struct\n"); + pr_info("trying to strncpy past the end of a member of a struct\n"); /* - * memcpy(target.a, src, 20); will hit a compile error because the + * strncpy(target.a, src, 20); will hit a compile error because the * compiler knows at build time that target.a < 20 bytes. Use a * volatile to force a runtime error. */ - memcpy(target.a, src, size); + strncpy(target.a, src, size); /* Store result to global to prevent the code from being eliminated */ fortify_scratch_space = target.a[3];