From c82f77a4ac9589a5d73d4caaa439fa670c684455 Mon Sep 17 00:00:00 2001 From: Thorsten Blum Date: Sat, 13 Dec 2025 12:04:52 +0100 Subject: [PATCH] ecryptfs: Replace strcpy with strscpy in ecryptfs_cipher_code_to_string strcpy() has been deprecated [1] because it performs no bounds checking on the destination buffer, which can lead to buffer overflows. Since the parameter 'char *str' is just a pointer with no size information, extend the function with a 'size' parameter to pass the destination buffer's size as an additional argument. Adjust the call sites accordingly. Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy [1] Signed-off-by: Thorsten Blum Signed-off-by: Tyler Hicks --- fs/ecryptfs/crypto.c | 6 ++++-- fs/ecryptfs/ecryptfs_kernel.h | 2 +- fs/ecryptfs/keystore.c | 9 +++++++-- 3 files changed, 12 insertions(+), 5 deletions(-) diff --git a/fs/ecryptfs/crypto.c b/fs/ecryptfs/crypto.c index c84c7c3de4d9..fa49d20521a4 100644 --- a/fs/ecryptfs/crypto.c +++ b/fs/ecryptfs/crypto.c @@ -862,11 +862,12 @@ u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes) /** * ecryptfs_cipher_code_to_string * @str: Destination to write out the cipher name + * @size: Destination buffer size * @cipher_code: The code to convert to cipher name string * * Returns zero on success */ -int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code) +int ecryptfs_cipher_code_to_string(char *str, size_t size, u8 cipher_code) { int rc = 0; int i; @@ -874,7 +875,8 @@ int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code) str[0] = '\0'; for (i = 0; i < ARRAY_SIZE(ecryptfs_cipher_code_str_map); i++) if (cipher_code == ecryptfs_cipher_code_str_map[i].cipher_code) - strcpy(str, ecryptfs_cipher_code_str_map[i].cipher_str); + strscpy(str, ecryptfs_cipher_code_str_map[i].cipher_str, + size); if (str[0] == '\0') { ecryptfs_printk(KERN_WARNING, "Cipher code not recognized: " "[%d]\n", cipher_code); diff --git a/fs/ecryptfs/ecryptfs_kernel.h b/fs/ecryptfs/ecryptfs_kernel.h index ba59f976a962..54e780186ac6 100644 --- a/fs/ecryptfs/ecryptfs_kernel.h +++ b/fs/ecryptfs/ecryptfs_kernel.h @@ -571,7 +571,7 @@ int ecryptfs_read_and_validate_header_region(struct inode *inode); int ecryptfs_read_and_validate_xattr_region(struct dentry *dentry, struct inode *inode); u8 ecryptfs_code_for_cipher_string(char *cipher_name, size_t key_bytes); -int ecryptfs_cipher_code_to_string(char *str, u8 cipher_code); +int ecryptfs_cipher_code_to_string(char *str, size_t size, u8 cipher_code); void ecryptfs_set_default_sizes(struct ecryptfs_crypt_stat *crypt_stat); int ecryptfs_generate_key_packet_set(char *dest_base, struct ecryptfs_crypt_stat *crypt_stat, diff --git a/fs/ecryptfs/keystore.c b/fs/ecryptfs/keystore.c index 32e5e250c2dc..e55bd8f9c952 100644 --- a/fs/ecryptfs/keystore.c +++ b/fs/ecryptfs/keystore.c @@ -911,7 +911,9 @@ ecryptfs_parse_tag_70_packet(char **filename, size_t *filename_size, s->fnek_sig_hex[ECRYPTFS_SIG_SIZE_HEX] = '\0'; (*packet_size) += ECRYPTFS_SIG_SIZE; s->cipher_code = data[(*packet_size)++]; - rc = ecryptfs_cipher_code_to_string(s->cipher_string, s->cipher_code); + rc = ecryptfs_cipher_code_to_string(s->cipher_string, + sizeof(s->cipher_string), + s->cipher_code); if (rc) { printk(KERN_WARNING "%s: Cipher code [%d] is invalid\n", __func__, s->cipher_code); @@ -1129,7 +1131,9 @@ decrypt_pki_encrypted_session_key(struct ecryptfs_auth_tok *auth_tok, memcpy(crypt_stat->key, auth_tok->session_key.decrypted_key, auth_tok->session_key.decrypted_key_size); crypt_stat->key_size = auth_tok->session_key.decrypted_key_size; - rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher, cipher_code); + rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher, + sizeof(crypt_stat->cipher), + cipher_code); if (rc) { ecryptfs_printk(KERN_ERR, "Cipher code [%d] is invalid\n", cipher_code); @@ -1395,6 +1399,7 @@ parse_tag_3_packet(struct ecryptfs_crypt_stat *crypt_stat, goto out_free; } rc = ecryptfs_cipher_code_to_string(crypt_stat->cipher, + sizeof(crypt_stat->cipher), (u16)data[(*packet_size)]); if (rc) goto out_free; -- 2.30.2