scripts: ensure the cocci script for miiphy_register does not leave NULL-unterminated...

strncpy() simply bails out when copying a source string whose size
exceeds the destination string size, potentially leaving the destination
string unterminated.

One possible way to address is to pass MDIO_NAME_LEN - 1 and a
previously zero-initialized destination string, but this is more
difficult to maintain.

The chosen alternative is to use strlcpy(), which properly limits the
copy len in the (srclen >= size) case to "size - 1", and which is also
more efficient than the strncpy() byte-by-byte implementation by using
memcpy. The destination string returned by strlcpy() is always NULL
terminated.

Signed-off-by: Vladimir Oltean <vladimir.oltean@nxp.com>

diff --git a/scripts/coccinelle/net/mdio_register.cocci b/scripts/coccinelle/net/mdio_register.cocci
index 100f102..31a4036 100644 (file)
--- a/scripts/coccinelle/net/mdio_register.cocci
+++ b/scripts/coccinelle/net/mdio_register.cocci
@@ -16,7 +16,7 @@ identifier readfunc, writefunc;
 - miiphy_register(devname, readfunc, writefunc);
 + struct mii_dev *mdiodev = mdio_alloc();
 + if (!mdiodev) return -ENOMEM;
-+ strncpy(mdiodev->name, devname, MDIO_NAME_LEN);
++ strlcpy(mdiodev->name, devname, MDIO_NAME_LEN);
 + mdiodev->read = readfunc;
 + mdiodev->write = writefunc;
 +