Re: [PATCH v1 1/2] mmc-utils: Use memcpy instead of strncpy

[Bean Huo]

Hi Ajay,
thanks for your review.

On Mon, 2021-11-15 at 12:39 +0530, Ajay Garg wrote:
> Hi Bean.
> 
> > -               strncpy(lbuf,
> > (char*)&ext_csd[EXT_CSD_FIRMWARE_VERSION], 8);
> > +               memcpy(lbuf,
> > (char*)&ext_csd[EXT_CSD_FIRMWARE_VERSION], 8);
> > +               lbuf[8] = '\0';
> 
> Above copies exactly 8 bytes, without any regard to the sizes of
> destination-buffer (lbuf) or source-buffer (ext_csd). Thus, there are
> high chances of overflow/underflow/out-of-bounds.
> 
I don't understand how above memcpy() overflow/underflow/out-of-bounds?
would you please provide more specific reason? 
 
memcpy(lbuf, (char*)&ext_csd[EXT_CSD_FIRMWARE_VERSION], 8);

here lbuf is a char array lbuf[10], and ext_csd is a __u8 array, __u8
ext_csd[512]. 


> If ext_csd contains, say a string 5 characters long, you would want
> to
> copy 6 characters (5 for length, 1 for null-terminator).
> 
> I guess you are trying to copy as-many-bytes as possible to lbuf,
> including the null-character.
> Thus, strlcpy/strscpy should be used here.
> 
> Something like :
> 
> strlcpy(lbuf, (char*)&ext_csd[EXT_CSD_FIRMWARE_VERSION],
> sizeof(lbuf));
> or
> strscpy(lbuf, (char*)&ext_csd[EXT_CSD_FIRMWARE_VERSION],
> sizeof(lbuf));
> 
> Note that you do not need to worry about putting the null-terminator.
> strlcpy/strscpy already take care of that for you.
> 



Yes, but please remember that mmc-utils is mainly used for embedded
platforms, they are not easy/inconvenient to update to the latest
library to support these two APIs(strlcpy needs libbsd-dev, and strscpy
needs some one else.).  If we use strlcpy or strscpy, mmc-utils will
not be portable. Do you know any other API that can be used and make
code more portable and simpler?


Kind regards,
Bean

> 
> Thanks and Regards,
> Ajay