Hi, On Sun, Aug 01, 2021 at 08:55:28PM +0100, Jonathan Cameron wrote: > On Sun, 1 Aug 2021 19:11:57 +0200 > Len Baker <len.baker@xxxxxxx> wrote: > > > strcpy() performs no bounds checking on the destination buffer. This > > could result in linear overflows beyond the end of the buffer, leading > > to all kinds of misbehaviors. The safe replacement is strscpy(). > > > > Signed-off-by: Len Baker <len.baker@xxxxxxx> > > Hi Len, > > I'm not convinced this is terribly useful in this particular case. > As the code stands today, it is easy to verify that the buffer is > large enough by looking up a few lines. As you need to do that > anyway to check that n, n -1 in the strscpy is correct, what do we gain? > > I don't mind this if it's part of a general removal of strcpy(), but > if so the patch description should state that. Ok, I will send a new version with the commit changelog updated. Regards, Len
