netfilter: ipset: refactor deprecated strncpy

Use `strscpy_pad` instead of `strncpy`.

Link: https://github.com/KSPP/linux/issues/90
Cc: linux-hardening@vger.kernel.org
Signed-off-by: Justin Stitt <justinstitt@google.com>
Signed-off-by: Florian Westphal <fw@strlen.de>

diff --git a/net/netfilter/ipset/ip_set_core.c b/net/netfilter/ipset/ip_set_core.c
index 0b68e2e..e564b51 100644 (file)
--- a/net/netfilter/ipset/ip_set_core.c
+++ b/net/netfilter/ipset/ip_set_core.c
@@ -872,7 +872,7 @@ ip_set_name_byindex(struct net *net, ip_set_id_t index, char *name)
        BUG_ON(!set);
 
        read_lock_bh(&ip_set_ref_lock);
-       strncpy(name, set->name, IPSET_MAXNAMELEN);
+       strscpy_pad(name, set->name, IPSET_MAXNAMELEN);
        read_unlock_bh(&ip_set_ref_lock);
 }
 EXPORT_SYMBOL_GPL(ip_set_name_byindex);
@@ -1326,7 +1326,7 @@ static int ip_set_rename(struct sk_buff *skb, const struct nfnl_info *info,
                        goto out;
                }
        }
-       strncpy(set->name, name2, IPSET_MAXNAMELEN);
+       strscpy_pad(set->name, name2, IPSET_MAXNAMELEN);
 
 out:
        write_unlock_bh(&ip_set_ref_lock);
@@ -1380,9 +1380,9 @@ static int ip_set_swap(struct sk_buff *skb, const struct nfnl_info *info,
                return -EBUSY;
        }
 
-       strncpy(from_name, from->name, IPSET_MAXNAMELEN);
-       strncpy(from->name, to->name, IPSET_MAXNAMELEN);
-       strncpy(to->name, from_name, IPSET_MAXNAMELEN);
+       strscpy_pad(from_name, from->name, IPSET_MAXNAMELEN);
+       strscpy_pad(from->name, to->name, IPSET_MAXNAMELEN);
+       strscpy_pad(to->name, from_name, IPSET_MAXNAMELEN);
 
        swap(from->ref, to->ref);
        ip_set(inst, from_id) = to;