On 11/8/21 11:59, Ajay Garg wrote:
Dropping all further discussions on this thread, as a RFC for a new string-copy method has been posted at : https://lore.kernel.org/linux-hardening/CAHP4M8U=0aTHgfREGJpSboV6J4X+E3Y6+H_kb-PvXxDKtV=n-g@xxxxxxxxxxxxxx/T/#t which, if accepted, will make the clients' lives a lot easier.
Honestly, I can't get what you are trying to achieve with new string function.
If caller knows, that there is no possible overflow, it can omit bounds checking (like in vt_do_kdgkb_ioctl). If caller needs return value equal to destination length it can use strscpy().
There is a bunch of str*cpy() functions and every month I see new conversations between them on ML. As Andy said it's really chaos. These conversation are needed, of course, from security point of view, but lib/string is already big. It contains functions for every possible scenario, caller just needs to pick right one.
I might be too dumb in this topic, so it's just my IMHO, since I am on CC list.
With regards, Pavel Skripkin
