The strncpy() function is actively dangerous to use since it may not NULL-terminate the destination string, resulting in potential memory content exposures, unbounded reads, or crashes. Link: https://github.com/KSPP/linux/issues/90 Signed-off-by: Baris Can Goral <goralbaris@xxxxxxxxx> --- v2: naming issue solved drivers/acpi/acpica/tbfind.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/drivers/acpi/acpica/tbfind.c b/drivers/acpi/acpica/tbfind.c index 1c1b2e284bd9..5536d1755188 100644 --- a/drivers/acpi/acpica/tbfind.c +++ b/drivers/acpi/acpica/tbfind.c @@ -57,8 +57,8 @@ acpi_tb_find_table(char *signature, memset(&header, 0, sizeof(struct acpi_table_header)); ACPI_COPY_NAMESEG(header.signature, signature); - strncpy(header.oem_id, oem_id, ACPI_OEM_ID_SIZE); - strncpy(header.oem_table_id, oem_table_id, ACPI_OEM_TABLE_ID_SIZE); + strscpy(header.oem_id, oem_id, ACPI_OEM_ID_SIZE); + strscpy(header.oem_table_id, oem_table_id, ACPI_OEM_TABLE_ID_SIZE); /* Search for the table */ -- 2.34.1
