Hi, > -----Original Message----- > From: Gote, Nitin R [mailto:nitin.r.gote@xxxxxxxxx] > Sent: Tuesday, July 23, 2019 2:56 PM > To: Joe Perches <joe@xxxxxxxxxxx>; Kees Cook <keescook@xxxxxxxxxxxx> > Cc: corbet@xxxxxxx; akpm@xxxxxxxxxxxxxxxxxxxx; apw@xxxxxxxxxxxxx; > linux-doc@xxxxxxxxxxxxxxx; kernel-hardening@xxxxxxxxxxxxxxxxxx > Subject: RE: [PATCH v5] Documentation/checkpatch: Prefer > strscpy/strscpy_pad over strcpy/strlcpy/strncpy > > > > -----Original Message----- > > From: Joe Perches [mailto:joe@xxxxxxxxxxx] > > Sent: Monday, July 22, 2019 11:11 PM > > To: Kees Cook <keescook@xxxxxxxxxxxx>; Gote, Nitin R > > <nitin.r.gote@xxxxxxxxx> > > Cc: corbet@xxxxxxx; akpm@xxxxxxxxxxxxxxxxxxxx; apw@xxxxxxxxxxxxx; > > linux-doc@xxxxxxxxxxxxxxx; kernel-hardening@xxxxxxxxxxxxxxxxxx > > Subject: Re: [PATCH v5] Documentation/checkpatch: Prefer > > strscpy/strscpy_pad over strcpy/strlcpy/strncpy > > > > On Mon, 2019-07-22 at 10:30 -0700, Kees Cook wrote: > > > On Wed, Jul 17, 2019 at 10:00:05AM +0530, NitinGote wrote: > > > > From: Nitin Gote <nitin.r.gote@xxxxxxxxx> > > > > > > > > Added check in checkpatch.pl to > > > > 1. Deprecate strcpy() in favor of strscpy(). > > > > 2. Deprecate strlcpy() in favor of strscpy(). > > > > 3. Deprecate strncpy() in favor of strscpy() or strscpy_pad(). > > > > > > > > Updated strncpy() section in Documentation/process/deprecated.rst > > > > to cover strscpy_pad() case. > > > > > > > > Signed-off-by: Nitin Gote <nitin.r.gote@xxxxxxxxx> > > > > > > Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> > > > > > > Joe, does this address your checkpatch concerns? > > > > Well, kinda. > > > > strscpy_pad isn't used anywhere in the kernel. > > > > And > > > > + "strncpy" => "strscpy, strscpy_pad or > for non- > > NUL-terminated strings, strncpy() can still be used, but destinations > > should be marked with __nonstring", > > > > is a bit verbose. This could be simply: > > > > + "strncpy" => "strscpy - for non-NUL-terminated uses, > > + strncpy() dst > > should be __nonstring", > > > Could you please give your opinion on below comment. > But, if the destination buffer needs extra NUL-padding for remaining size of > destination, then safe replacement is strscpy_pad(). Right? If yes, then what > is your opinion on below change : > > "strncpy" => "strscpy, strcpy_pad - for non-NUL-terminated uses, > strncpy() dst should be __nonstring", > > If you agree on this, then I will include this change in next patch version. > -Nitin
