Re: [PATCH v2] uml: Replace strlcpy with strscpy
From: Eric Biggers
Date: Wed Jun 07 2023 - 00:27:31 EST
On Tue, Jun 06, 2023 at 05:08:27PM -0400, Azeem Shaikh wrote:
> On Tue, Jun 6, 2023 at 4:51 PM Richard Weinberger <richard@xxxxxx> wrote:
> >
> > ----- Ursprüngliche Mail -----
> > > Von: "Azeem Shaikh" <azeemshaikh38@xxxxxxxxx>
> > > strlcpy() reads the entire source buffer first.
> > > This read may exceed the destination size limit.
> > > This is both inefficient and can lead to linear read
> > > overflows if a source string is not NUL-terminated [1].
> > > In an effort to remove strlcpy() completely [2], replace
> > > strlcpy() here with strscpy().
> > > No return values were used, so direct replacement is safe.
> > >
> > > [1] https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
> > > [2] https://github.com/KSPP/linux/issues/89
> > >
> > > Signed-off-by: Azeem Shaikh <azeemshaikh38@xxxxxxxxx>
> > > Reported-by: kernel test robot <lkp@xxxxxxxxx>
> > > Closes:
> > > https://lore.kernel.org/oe-kbuild-all/202305311135.zGMT1gYR-lkp@xxxxxxxxx/
> >
> > Are you sure Reported-by and Closes make sense?
> > AFAIK the report was only on your first patch and nothing against upstream.
> > So stating this in the updated patch is in vain.
>
> I left the metadata in only for the sake of posterity. If it's not
> helpful, I'm ok with removing it.
>
IMO using Reported-by in cases like this is harmful, as it makes commits seem
like bug fixes when they are not.
- Eric