Hi Andi, So do both, memset then strscpy:
+ memset(msg.name, 0, sizeof(msg.name)); + if (strscpy(msg.name, name, sizeof(msg.name)) <= 0) + goto err; BR, Hugues. On 4/1/19 6:54 PM, Andi Kleen wrote: > On Mon, Apr 01, 2019 at 01:37:56PM +0000, Hugues FRUCHET wrote: >> Hi Andi, >> >> We have already discussed about that here: >> https://lore.kernel.org/patchwork/patch/866406/ >> >> Now that strscpy is largely deployed within kernel, could you retest >> with the change I suggested ? > > strscpy is not the correct fix because it leaks uninitialized memory > to the receiver. You need the memset. > > -Andi >
