[PATCH] fs: fat: Prevent possible buffer overflow
Andrew Goodbody
andrew.goodbody at linaro.org
Thu Jul 17 17:38:50 CEST 2025
On 17/07/2025 15:58, Martin Husemann wrote:
> On Thu, Jul 17, 2025 at 03:54:37PM +0100, Andrew Goodbody wrote:
>>
>> memset(dent, 0, sizeof(*dent));
>> - strcpy(dent->name, dir->itr.name);
>> + strlcpy(dent->name, dir->itr.name, FS_DIRENT_NAME_LEN);
>
> Shouldn't that be strncpy() instead? Using strlcpy() for fixed size
> records where strings may not be \0 terminated is quirky.
>
> Martin
Hi Martin,
The original use of strcpy suggests that the string must be \0
terminated. I will admit that I do not know the code well, is
dir->itr.name guaranteed to be a known fixed size?
Andrew
More information about the U-Boot
mailing list