Re: [PATCH] SUNRPC: Replace strlcpy with strscpy

From: Azeem Shaikh
Date: Tue Jun 13 2023 - 18:56:13 EST

Next message: Mathias Krause: "Re: [PATCH] timekeeping: Align tick_sched_timer() with the HZ tick. -- regression report"
Previous message: Rajvi Jingar: "[PATCH 5/8] platform/x86:intel/pmc: Discover PMC devices"
In reply to: Chuck Lever III: "Re: [PATCH] SUNRPC: Replace strlcpy with strscpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Jun 13, 2023 at 3:43 PM Chuck Lever III <chuck.lever@xxxxxxxxxx> wrote:
>
> > On Jun 13, 2023, at 3:42 PM, Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> >
> > On Tue, Jun 13, 2023 at 02:18:06PM +0000, Chuck Lever III wrote:
> >>
> >>
> >>> On Jun 12, 2023, at 8:40 PM, Azeem Shaikh <azeemshaikh38@xxxxxxxxx> wrote:
> >>>
> >>> strlcpy() reads the entire source buffer first.
> >>> This read may exceed the destination size limit.
> >>> This is both inefficient and can lead to linear read
> >>> overflows if a source string is not NUL-terminated [1].
> >>> In an effort to remove strlcpy() completely [2], replace
> >>> strlcpy() here with strscpy().
> >>
> >> Using sprintf() seems cleaner to me: it would get rid of
> >> the undocumented naked integer. Would that work for you?
> >
> > This is changing the "get" routine for reporting module parameters out
> > of /sys. I think the right choice here is sysfs_emit(), as it performs
> > the size tracking correctly. (Even the "default" sprintf() call should
> > be replaced too, IMO.)
>
> Agreed, that's even better.
>

Thanks folks. Will send over a v2 which replaces strlcpy with sysfs_emit.

Next message: Mathias Krause: "Re: [PATCH] timekeeping: Align tick_sched_timer() with the HZ tick. -- regression report"
Previous message: Rajvi Jingar: "[PATCH 5/8] platform/x86:intel/pmc: Discover PMC devices"
In reply to: Chuck Lever III: "Re: [PATCH] SUNRPC: Replace strlcpy with strscpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]