bpf: Replace all non-returning strlcpy with strscpy

strlcpy() reads the entire source buffer first. This read may exceed the
destination size limit. This is both inefficient and can lead to linear
read overflows if a source string is not NUL-terminated [1]. This is not
the case here, however, in an effort to remove strlcpy() completely [2],
lets replace strlcpy() here with strscpy(). No return values were used,
so a direct replacement is safe.

  [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
  [2] https://github.com/KSPP/linux/issues/89

Signed-off-by: Azeem Shaikh <azeemshaikh38@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Reviewed-by: Kees Cook <keescook@chromium.org>
Link: https://lore.kernel.org/bpf/20230530155659.309657-1-azeemshaikh38@gmail.com

diff --git a/kernel/bpf/preload/bpf_preload_kern.c b/kernel/bpf/preload/bpf_preload_kern.c
index b56f9f3314fd0296425f3eadd66c8e4a10d779d8..0c63bc2cd895a2e5c5b8e6199dae4a9e041a095b 100644 (file)
--- a/kernel/bpf/preload/bpf_preload_kern.c
+++ b/kernel/bpf/preload/bpf_preload_kern.c
@@ -23,9 +23,9 @@ static void free_links_and_skel(void)
 
 static int preload(struct bpf_preload_info *obj)
 {
-       strlcpy(obj[0].link_name, "maps.debug", sizeof(obj[0].link_name));
+       strscpy(obj[0].link_name, "maps.debug", sizeof(obj[0].link_name));
        obj[0].link = maps_link;
-       strlcpy(obj[1].link_name, "progs.debug", sizeof(obj[1].link_name));
+       strscpy(obj[1].link_name, "progs.debug", sizeof(obj[1].link_name));
        obj[1].link = progs_link;
        return 0;
 }