From: Marek Vasut <marex@denx.de>
Date: Wed, 30 Apr 2025 16:45:51 +0000 (+0200)
Subject: fs: exfat: Use strncpy() and bail on too long filenames
X-Git-Tag: v2025.07-rc2~24
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=4ba2fe14f2cecf7b614220e8e19c1fcdda92b748;p=pandora-u-boot.git

fs: exfat: Use strncpy() and bail on too long filenames

In case the filename is too long, longer than PATH_MAX - 1, it
would overflow dirs->dirname array. Add missing check and also
use strncpy() to prevent the overflow in any case.

Fixes CID 550305:  Security best practices violations  (STRING_OVERFLOW)

Signed-off-by: Marek Vasut <marex@denx.de>
---

diff --git a/fs/exfat/io.c b/fs/exfat/io.c
index c56f5675987..77cd2dfb6dc 100644
--- a/fs/exfat/io.c
+++ b/fs/exfat/io.c
@@ -720,6 +720,9 @@ int exfat_fs_opendir(const char *filename, struct fs_dir_stream **dirsp)
 	struct exfat_node *dnode;
 	int err;
 
+	if (strlen(filename) >= PATH_MAX)
+		return -ENAMETOOLONG;
+
 	err = exfat_lookup_realpath(&ctxt.ef, &dnode, filename);
 	if (err)
 		return err;
@@ -736,7 +739,7 @@ int exfat_fs_opendir(const char *filename, struct fs_dir_stream **dirsp)
 	if (!dirs)
 		return -ENOMEM;
 
-	strcpy(dirs->dirname, filename);
+	strncpy(dirs->dirname, filename, PATH_MAX - 1);
 	dirs->offset = -1;
 
 	*dirsp = &dirs->fs_dirs;