[lvc-project] [PATCH] minixfs: Replace the copy method with a more secure one
Markov Gleb
markov.gi at npc-ksb.ru
Mon May 25 15:45:22 MSK 2026
From: Gleb Markov <markov.gi at npc-ksb.ru>
When copying, dot symbol can`t overflow the buffer however,
replacing the outdated method with a safe one seems to be
the correct action.
Replace strcpy() with strscpy().
Found by Linux Verification Center (linuxtesting.org) with SVACE.
Fixes: 939b00df0306 ("[PATCH] Minix V3 support")
Signed-off-by: Gleb Markov <markov.gi at npc-ksb.ru>
---
fs/minix/dir.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/fs/minix/dir.c b/fs/minix/dir.c
index dcfe5b25378b..e4018bc500dd 100644
--- a/fs/minix/dir.c
+++ b/fs/minix/dir.c
@@ -334,18 +334,18 @@ int minix_make_empty(struct inode *inode, struct inode *dir)
minix3_dirent *de3 = (minix3_dirent *)kaddr;
de3->inode = inode->i_ino;
- strcpy(de3->name, ".");
+ strscpy(de3->name, ".", sbi->s_dirsize - 4);
de3 = minix_next_entry(de3, sbi);
de3->inode = dir->i_ino;
- strcpy(de3->name, "..");
+ strscpy(de3->name, "..", sbi->s_dirsize - 4);
} else {
minix_dirent *de = (minix_dirent *)kaddr;
de->inode = inode->i_ino;
- strcpy(de->name, ".");
+ strscpy(de->name, ".", sbi->s_dirsize - 2);
de = minix_next_entry(de, sbi);
de->inode = dir->i_ino;
- strcpy(de->name, "..");
+ strscpy(de->name, "..", sbi->s_dirsize - 2);
}
kunmap_atomic(kaddr);
--
2.43.0
More information about the lvc-project
mailing list