Commit 2eacea74 authored by Martin Brandenburg's avatar Martin Brandenburg Committed by Mike Marshall
Browse files

orangefs: strncpy -> strscpy

It would have been possible for a rogue client-core to send in a symlink
target which is not NUL terminated. This returns EIO if the client-core
gives us corrupt data.

Leave debugfs and superblock code as is for now.

Other dcache.c and namei.c strncpy instances are safe because
ORANGEFS_NAME_MAX = NAME_MAX + 1; there is always enough space for a
name plus a NUL byte.
Signed-off-by: default avatarMartin Brandenburg <>
Signed-off-by: default avatarMike Marshall <>
parent f83140c1
......@@ -315,9 +315,13 @@ int orangefs_inode_getattr(struct inode *inode, int new, int size)
inode->i_size = (loff_t)strlen(new_op->
orangefs_inode->blksize = (1 << inode->i_blkbits);
ret = strscpy(orangefs_inode->link_target,
if (ret == -E2BIG) {
ret = -EIO;
goto out;
inode->i_link = orangefs_inode->link_target;
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment