On Wed, Feb 25, 2026 at 06:27:15PM +0100, tomasz.unger@yahoo.pl wrote:

From: Tomasz Unger <redacted>

strcpy() does not limit the number of bytes copied which can lead to
buffer overflow when firmware_name is derived from user input via
NFC subsystem. This is a bug fix, not a cleanup.

Replace with strscpy() which limits the copy to the size of the
destination buffer. Since phy->firmware_name is an array, the
two-argument variant of strscpy() is used - the compiler deduces
the buffer size automatically.

Fixes: 06c660340f1e ("NFC: pn544: i2c: Add firmware download implementation for pn544")
Signed-off-by: Tomasz Unger <redacted>
---
Changes since v1 (requested by Simon Horman [off-list ref]):
- Use two-argument strscpy() since phy->firmware_name is an array

Thanks for the update.

Reviewed-by: Simon Horman <horms@kernel.org>