From c152737be22b103bff5987e03136a69710c2e68f Mon Sep 17 00:00:00 2001
From: Abdul Rahim <abdul.rahim@myyahoo.com>
Date: Fri, 15 Nov 2024 16:54:19 +0530
Subject: ceph: Use strscpy() instead of strcpy() in __get_snap_name()

strcpy() performs no bounds checking on the destination buffer. This
could result in linear overflows beyond the end of the buffer, leading
to all kinds of misbehaviors [1].

This fixes checkpatch warning:
    WARNING: Prefer strscpy over strcpy

[1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy

[ idryomov: formatting ]

Signed-off-by: Abdul Rahim <abdul.rahim@myyahoo.com>
Reviewed-by: Ilya Dryomov <idryomov@gmail.com>
Signed-off-by: Ilya Dryomov <idryomov@gmail.com>
---
 fs/ceph/export.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'fs/ceph')

diff --git a/fs/ceph/export.c b/fs/ceph/export.c
index 44451749c544..9f236a2a2557 100644
--- a/fs/ceph/export.c
+++ b/fs/ceph/export.c
@@ -452,7 +452,13 @@ static int __get_snap_name(struct dentry *parent, char *name,
 		goto out;
 	if (ceph_snap(inode) == CEPH_SNAPDIR) {
 		if (ceph_snap(dir) == CEPH_NOSNAP) {
-			strcpy(name, fsc->mount_options->snapdir_name);
+			/*
+			 * .get_name() from struct export_operations
+			 * assumes that its 'name' parameter is pointing
+			 * to a NAME_MAX+1 sized buffer
+			 */
+			strscpy(name, fsc->mount_options->snapdir_name,
+				NAME_MAX + 1);
 			err = 0;
 		}
 		goto out;
-- 
cgit v1.2.3