Re: [PATCH] tracing/boot: Replace strlcpy with strscpy

From: Azeem Shaikh
Date: Thu Jun 15 2023 - 14:09:19 EST

Next message: Azeem Shaikh: "Re: [PATCH] usb: gadget: function: printer: Replace strlcpy with strscpy"
Previous message: Azeem Shaikh: "Re: [PATCH v2] usbip: usbip_host: Replace strlcpy with strscpy"
In reply to: Eric Biggers: "Re: [PATCH] tracing/boot: Replace strlcpy with strscpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Jun 14, 2023 at 1:13 PM Eric Biggers <ebiggers@xxxxxxxxxx> wrote:
>
> On Wed, Jun 14, 2023 at 10:01:57AM -0400, Azeem Shaikh wrote:
> > On Tue, Jun 13, 2023 at 3:27 PM Kees Cook <keescook@xxxxxxxxxxxx> wrote:
> > >
> > > On Tue, Jun 13, 2023 at 12:41:25AM +0000, Azeem Shaikh wrote:
> > > > strlcpy() reads the entire source buffer first.
> > > > This read may exceed the destination size limit.
> > > > This is both inefficient and can lead to linear read
> > > > overflows if a source string is not NUL-terminated [1].
> > > > In an effort to remove strlcpy() completely [2], replace
> > > > strlcpy() here with strscpy().
> > > >
> > > > Direct replacement is safe here since return value of -E2BIG
> > > > is used to check for truncation instead of sizeof(dest).
> > >
> > > This looks technically correct, but I wonder if "< 0" is a better test?
> >
> > Agreed. "< 0" might more generically represent -errno. Happy to send
> > over a v2 if you prefer that instead of sticking with this patch.
>
> Please go with "< 0", since it's easier to read and less error-prone. (It would
> be easy to mistype -E2BIG as -EFBIG, or E2BIG, for example...)
>

Thanks, sent out a v2 with this change.

Next message: Azeem Shaikh: "Re: [PATCH] usb: gadget: function: printer: Replace strlcpy with strscpy"
Previous message: Azeem Shaikh: "Re: [PATCH v2] usbip: usbip_host: Replace strlcpy with strscpy"
In reply to: Eric Biggers: "Re: [PATCH] tracing/boot: Replace strlcpy with strscpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]