iscsi-target: use strlcpy in iscsit_collect_login_stats

last_intr_fail_name is a fixed-size array and could theoretically overflow. In reality intrname->value doesn't seem to depend on untrusted input or be anywhere near 224 characters, so the overflow is pretty theoretical. But strlcpy is cheap enough. Found by coverity. Signed-off-by: Joern Engel <joern@logfs.org> Signed-off-by: Nicholas Bellinger <nab@linux-iscsi.org>
2014-09-02 17:49:55 -04:00 · 2014-09-02 17:49:55 -04:00 · fdc84d11a2
--- a/drivers/target/iscsi/iscsi_target_util.c
+++ b/drivers/target/iscsi/iscsi_target_util.c
@ -1479,8 +1479,9 @@ void iscsit_collect_login_stats(
 		if (conn->param_list)
 			intrname = iscsi_find_param_from_key(INITIATORNAME,
 							     conn->param_list);
-		strcpy(ls->last_intr_fail_name,
-		       (intrname ? intrname->value : "Unknown"));
+		strlcpy(ls->last_intr_fail_name,
+		       (intrname ? intrname->value : "Unknown"),
+		       sizeof(ls->last_intr_fail_name));

 		ls->last_intr_fail_ip_family = conn->login_family;