From 6552100e95eff8719a53ed1d1710a149e756aa05 Mon Sep 17 00:00:00 2001
From: "kfraser@localhost.localdomain" <kfraser@localhost.localdomain>
Date: Thu, 1 Feb 2007 13:44:35 +0000
Subject: [PATCH] safe_str*() functions check their destination argument is a
 character-array type. Fix two bad callers. Signed-off-by: Keir Fraser
 <keir@xensource.com>

---
 xen/arch/x86/dmi_scan.c  |  2 +-
 xen/common/kexec.c       |  2 +-
 xen/include/xen/string.h | 12 ++++++++++--
 3 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/xen/arch/x86/dmi_scan.c b/xen/arch/x86/dmi_scan.c
index 2d49d412fc..b867febc1e 100644
--- a/xen/arch/x86/dmi_scan.c
+++ b/xen/arch/x86/dmi_scan.c
@@ -159,7 +159,7 @@ static void __init dmi_save_ident(struct dmi_header *dm, int slot, int string)
 		return;
 	dmi_ident[slot] = alloc_bootmem(strlen(p)+1);
 	if(dmi_ident[slot])
-		safe_strcpy(dmi_ident[slot], p);
+		strlcpy(dmi_ident[slot], p, strlen(p)+1);
 	else
 		printk(KERN_ERR "dmi_save_ident: out of memory.\n");
 }
diff --git a/xen/common/kexec.c b/xen/common/kexec.c
index 04a1468d3a..9e6e1858a4 100644
--- a/xen/common/kexec.c
+++ b/xen/common/kexec.c
@@ -131,7 +131,7 @@ __initcall(register_crashdump_trigger);
 
 static void setup_note(Elf_Note *n, const char *name, int type, int descsz)
 {
-    safe_strcpy(ELFNOTE_NAME(n), name);
+    strlcpy(ELFNOTE_NAME(n), name, INT_MAX);
     n->namesz = strlen(name);
     n->descsz = descsz;
     n->type = type;
diff --git a/xen/include/xen/string.h b/xen/include/xen/string.h
index d0c23a1411..f26b9949b2 100644
--- a/xen/include/xen/string.h
+++ b/xen/include/xen/string.h
@@ -82,8 +82,16 @@ extern void * memchr(const void *,int,__kernel_size_t);
 }
 #endif
 
+#define is_char_array(x) __builtin_types_compatible_p(typeof(x), char[])
+
 /* safe_xxx always NUL-terminates and returns !=0 if result is truncated. */
-#define safe_strcpy(d, s) (strlcpy(d, s, sizeof(d)) >= sizeof(d))
-#define safe_strcat(d, s) (strlcat(d, s, sizeof(d)) >= sizeof(d))
+#define safe_strcpy(d, s) ({                    \
+    BUILD_BUG_ON(!is_char_array(d));            \
+    (strlcpy(d, s, sizeof(d)) >= sizeof(d));    \
+})
+#define safe_strcat(d, s) ({                    \
+    BUILD_BUG_ON(!is_char_array(d));            \
+    (strlcat(d, s, sizeof(d)) >= sizeof(d));    \
+})
 
 #endif /* _LINUX_STRING_H_ */
-- 
2.30.2