scsi: qla4xxx: ql4_mbx.c: Cleaning up missing null-terminate in conjunction with strncpy
Replacing strncpy with strlcpy to avoid strings that lacks null terminate.
And in some cases modified to copy one character less than the overall
length, as the entire area is already zeroed.
Signed-off-by: Rickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
Acked-By: Nilesh Javali <nilesh.javali@qlogic.com>
Signed-off-by: Christoph Hellwig <hch@lst.de>
diff --git a/drivers/scsi/qla4xxx/ql4_mbx.c b/drivers/scsi/qla4xxx/ql4_mbx.c
index fdfae79..c291fdf 100644
--- a/drivers/scsi/qla4xxx/ql4_mbx.c
+++ b/drivers/scsi/qla4xxx/ql4_mbx.c
@@ -1620,8 +1620,8 @@
goto exit_get_chap;
}
- strncpy(password, chap_table->secret, QL4_CHAP_MAX_SECRET_LEN);
- strncpy(username, chap_table->name, QL4_CHAP_MAX_NAME_LEN);
+ strlcpy(password, chap_table->secret, QL4_CHAP_MAX_SECRET_LEN);
+ strlcpy(username, chap_table->name, QL4_CHAP_MAX_NAME_LEN);
chap_table->cookie = __constant_cpu_to_le16(CHAP_VALID_COOKIE);
exit_get_chap:
@@ -1663,8 +1663,8 @@
else
chap_table->flags |= BIT_7; /* local */
chap_table->secret_len = strlen(password);
- strncpy(chap_table->secret, password, MAX_CHAP_SECRET_LEN);
- strncpy(chap_table->name, username, MAX_CHAP_NAME_LEN);
+ strncpy(chap_table->secret, password, MAX_CHAP_SECRET_LEN - 1);
+ strncpy(chap_table->name, username, MAX_CHAP_NAME_LEN - 1);
chap_table->cookie = __constant_cpu_to_le16(CHAP_VALID_COOKIE);
if (is_qla40XX(ha)) {
@@ -1742,8 +1742,8 @@
goto exit_unlock_uni_chap;
}
- strncpy(password, chap_table->secret, MAX_CHAP_SECRET_LEN);
- strncpy(username, chap_table->name, MAX_CHAP_NAME_LEN);
+ strlcpy(password, chap_table->secret, MAX_CHAP_SECRET_LEN);
+ strlcpy(username, chap_table->name, MAX_CHAP_NAME_LEN);
rval = QLA_SUCCESS;
@@ -2295,7 +2295,7 @@
if (param == SET_DRVR_VERSION) {
mbox_cmd[1] = SET_DRVR_VERSION;
strncpy((char *)&mbox_cmd[2], QLA4XXX_DRIVER_VERSION,
- MAX_DRVR_VER_LEN);
+ MAX_DRVR_VER_LEN - 1);
} else {
ql4_printk(KERN_ERR, ha, "%s: invalid parameter 0x%x\n",
__func__, param);