Re: [PATCH v2] tracing/boot: Replace strlcpy with strscpy

From: Steven Rostedt
Date: Tue Jun 20 2023 - 16:33:33 EST

Next message: Kees Cook: "Re: [PATCH v2] tracing/boot: Replace strlcpy with strscpy"
Previous message: Nick Desaulniers: "Re: [PATCH v2 0/4] riscv: enable HAVE_LD_DEAD_CODE_DATA_ELIMINATION"
In reply to: Kees Cook: "Re: [PATCH v2] tracing/boot: Replace strlcpy with strscpy"
Next in thread: Kees Cook: "Re: [PATCH v2] tracing/boot: Replace strlcpy with strscpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, 20 Jun 2023 13:28:26 -0700
Kees Cook <keescook@xxxxxxxxxxxx> wrote:

> On Thu, 15 Jun 2023 18:04:20 +0000, Azeem Shaikh wrote:
> > strlcpy() reads the entire source buffer first.
> > This read may exceed the destination size limit.
> > This is both inefficient and can lead to linear read
> > overflows if a source string is not NUL-terminated [1].
> > In an effort to remove strlcpy() completely [2], replace
> > strlcpy() here with strscpy().
> >
> > [...]
>
> Applied to for-next/hardening, thanks!
>
> [1/1] tracing/boot: Replace strlcpy with strscpy
> https://git.kernel.org/kees/c/b1c38314f756
>

I was going to add this to my queue.

-- Steve

Next message: Kees Cook: "Re: [PATCH v2] tracing/boot: Replace strlcpy with strscpy"
Previous message: Nick Desaulniers: "Re: [PATCH v2 0/4] riscv: enable HAVE_LD_DEAD_CODE_DATA_ELIMINATION"
In reply to: Kees Cook: "Re: [PATCH v2] tracing/boot: Replace strlcpy with strscpy"
Next in thread: Kees Cook: "Re: [PATCH v2] tracing/boot: Replace strlcpy with strscpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]