On Wed, Oct 18, 2023 at 10:29:51AM +0300, Calvince Otieno wrote: > Checkpatch suggests using strscpy() instead of strncpy(). > > The advantages of strscpy() are that it always adds a NUL terminator > and prevents read overflows if the source string is not properly > terminated. One potential disadvantage is that it doesn't zero pad the > string like strncpy() does. You're not replacing strncpy(), you're replacing strcpy(). There is never a downside to replacing strcpy() with strspy() beyond that the secure function is probably slightly slower. > > In this code, strscpy() and strncpy() are equivalent and do not affect > runtime behavior. strscpy() simply copies the known string value of the > variable driver_name into the fake_bridge->name variable, which also > has a fixed size. > > While using strscpy() does not address any bugs, it is considered a better > practice and aligns with checkpatch recommendations. This analysis does not say where driver_name is set, or how big it is, or what the size of the fake_bridge->name buffer is. I would like to see that sort of analysis in the commit message. regards, dan carpenter
