RE: [PATCH v4] Added warnings in checkpatch.pl script to :

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> -----Original Message-----
> From: Joe Perches [mailto:joe@xxxxxxxxxxx]
> Sent: Tuesday, July 9, 2019 9:40 PM
> To: Gote, Nitin R <nitin.r.gote@xxxxxxxxx>; corbet@xxxxxxx
> Cc: akpm@xxxxxxxxxxxxxxxxxxxx; apw@xxxxxxxxxxxxx;
> keescook@xxxxxxxxxxxx; linux-doc@xxxxxxxxxxxxxxx; linux-
> kernel@xxxxxxxxxxxxxxx; kernel-hardening@xxxxxxxxxxxxxxxxxx
> Subject: Re: [PATCH v4] Added warnings in checkpatch.pl script to :
> 
> On Tue, 2019-07-09 at 21:18 +0530, NitinGote wrote:
> > From: Nitin Gote <nitin.r.gote@xxxxxxxxx>
> >
> > 1. Deprecate strcpy() in favor of strscpy().
> > 2. Deprecate strlcpy() in favor of strscpy().
> > 3. Deprecate strncpy() in favor of strscpy() or strscpy_pad().
> >
> > Updated strncpy() section in Documentation/process/deprecated.rst
> > to cover strscpy_pad() case.
> 
> Please slow down your patch submission rate for this instance and respond
> appropriately to the comments you've been given.

Sure, I will explore this things more. And sorry, I missed to incorporate one comment. 
I will take care of such things.

> 
> This stuff is not critical bug fixing.
> 
Noted.

> The subject could be something like:
> 
> Subject: [PATCH v#] Documentation/checkpatch: Prefer strscpy over
> strcpy/strlcpy
> 

How about this  :
Subject: [PATCH v#] Doc/checkpatch: Prefer strscpy/strscpy_pad over strcpy/strlcpy/strncpy

> > diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
> []
> > @@ -605,6 +605,20 @@ foreach my $entry (keys %deprecated_apis) {  }
> > $deprecated_apis_search = "(?:${deprecated_apis_search})";
> >
> > +our %deprecated_string_apis = (
> > +        "strcpy"				=> "strscpy",
> > +        "strlcpy"				=> "strscpy",
> > +        "strncpy"				=> "strscpy, strscpy_pad or
> for non-NUL-terminated strings, strncpy() can still be used, but destinations
> should be marked with the __nonstring",
> 
> 'the' is not necessary.

Noted.

> 
> There could likely also be a strscat created for strcat, strlcat and strncat.
>

I have not found reference for strscat in kernel.
Could you please give any reference for strscat ?
 
> btw:
> 
> There were several defects in the kernel for misuses of strlcpy.
> 
> Did you or anyone else have an opinion on stracpy to avoid duplicating the
> first argument in a sizeof()?
> 
> 	strlcpy(foo, bar, sizeof(foo))
> to
> 	stracpy(foo, bar)
> 
> where foo must be char array compatible ?
> 
> https://lore.kernel.org/lkml/d1524130f91d7cfd61bc736623409693d2895f57.
> camel@xxxxxxxxxxx/
> 
>

As I understood, your trying to give new interface like stracpy(), to avoid duplication of first 
argument in a sizeof(), we can also make it more robust for users by adding check or warn in 
checkpatch.pl to prefer stracpy().

Did you or anyone has opinion on this ?


Thanks,
Nitin Gote



[Index of Archives]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Linux FS]     [Yosemite Forum]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]     [Linux Resources]

  Powered by Linux