usbreset: replace some unbounded strcpy() calls

We "know" the sysfs attribute is not going to be bigger than the buffer, but the thousands of "ooh, a strcpy() call is bad for you!" scanning tools do not. So to shut them up, use strncpy() just to make things quiet and for us to stop getting foolish reports. Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
gregkh · Oct 22, 2024 · bb1e4b7 · bb1e4b7
1 parent a73e7ce
commit bb1e4b7
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/usbreset.c b/usbreset.c
@@ -86,11 +86,11 @@ static struct usbentry *parse_devlist(DIR *d)
 
 	attr = sysfs_attr(e->d_name, "manufacturer");
 	if (attr)
-		strcpy(dev.vendor_name, attr);
+		strncpy(dev.vendor_name, attr, sizeof(dev.vendor_name) - 1);
 
 	attr = sysfs_attr(e->d_name, "product");
 	if (attr)
-		strcpy(dev.product_name, attr);
+		strncpy(dev.product_name, attr, sizeof(dev.product_name) - 1);
 
 	if (dev.bus_num && dev.dev_num && dev.vendor_id >= 0 && dev.product_id >= 0)
 		return &dev;