Re: [PATCH v3] drivers/soc: Remove all strcpy() uses

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Hi,

On Wed, Aug 04, 2021 at 05:23:54PM -0500, Bjorn Andersson wrote:
> On Sun 01 Aug 08:19 CDT 2021, Len Baker wrote:
>
> > strcpy() performs no bounds checking on the destination buffer. This
> > could result in linear overflows beyond the end of the buffer, leading
> > to all kinds of misbehaviors. The safe replacement is strscpy().
> >
>
> While this is true, are any of these uses of strcpy affected by its
> shortcomings?

No, this patch is only an effort to clean up the proliferation of str*()
functions in the kernel.

> > Moreover, when the size of the destination buffer cannot be obtained
> > using "sizeof", use the memcpy function instead of strscpy.
> >
>
> This is not why you're using memcpy, you're using it because you _know_
> how many bytes should be copied - because you just did a strlen() and
> allocated that amount of space.

Understood, I will change the commit message.

>
> > [...]
> >  		/* Prepare req message */
> > -		strcpy(req.service_path, pds->service_path);
> > +		strscpy(req.service_path, pds->service_path,
> > +			sizeof(req.service_path));
>
> There's no need to break this line.

Ok, thanks.

Regards,
Len




[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [Linux for Sparc]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux