On Wed, 2020-08-26 at 16:38 -0700, Kees Cook wrote: > On Thu, Aug 27, 2020 at 07:59:45AM +0900, Masahiro Yamada wrote: [] > > OK, then stpcpy(), strcpy() and sprintf() > > have the same level of unsafety. > > Yes. And even snprintf() is dangerous because its return value is how > much it WOULD have written, which when (commonly) used as an offset for > further pointer writes, causes OOB writes too. :( > https://github.com/KSPP/linux/issues/105 > > > strcpy() is used everywhere. > > Yes. It's very frustrating, but it's not an excuse to continue > using it nor introducing more bad APIs. > > $ git grep '\bstrcpy\b' | wc -l > 2212 > $ git grep '\bstrncpy\b' | wc -l > 751 > $ git grep '\bstrlcpy\b' | wc -l > 1712 > > $ git grep '\bstrscpy\b' | wc -l > 1066 > > https://www.kernel.org/doc/html/latest/process/deprecated.html#strcpy > https://github.com/KSPP/linux/issues/88 > > https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings > https://github.com/KSPP/linux/issues/89 > > https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy > https://github.com/KSPP/linux/issues/90 > > We have no way right now to block the addition of deprecated API usage, > which makes ever catching up on this replacement very challenging. These could be added to checkpatch's deprecated_api test. --- scripts/checkpatch.pl | 3 +++ 1 file changed, 3 insertions(+) diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl index 149518d2a6a7..f9ccb2a63a95 100755 --- a/scripts/checkpatch.pl +++ b/scripts/checkpatch.pl @@ -605,6 +605,9 @@ foreach my $entry (@mode_permission_funcs) { $mode_perms_search = "(?:${mode_perms_search})"; our %deprecated_apis = ( + "strcpy" => "strscpy", + "strncpy" => "strscpy", + "strlcpy" => "strscpy", "synchronize_rcu_bh" => "synchronize_rcu", "synchronize_rcu_bh_expedited" => "synchronize_rcu_expedited", "call_rcu_bh" => "call_rcu",
