[Linux-kernel-mentees] [PATCH] checkpatch: add a new check for strcpy/strlcpy uses
dwaipayanray1 at gmail.com
Tue Jan 5 08:19:30 UTC 2021
On Tue, Jan 5, 2021 at 1:32 PM Lukas Bulwahn <lukas.bulwahn at gmail.com> wrote:
> On Mon, Jan 4, 2021 at 2:25 PM Dwaipayan Ray <dwaipayanray1 at gmail.com> wrote:
> > strcpy() performs no bounds checking on the destination buffer.
> > This could result in linear overflows beyond the end of the buffer.
> > strlcpy() reads the entire source buffer first. This read
> > may exceed the destination size limit. This can be both inefficient
> > and lead to linear read overflows.
> > The safe replacement to both of these is to use strscpy() instead.
> > Add a new checkpatch warning which alerts the user on finding usage of
> > strcpy() or strlcpy().
> > Signed-off-by: Dwaipayan Ray <dwaipayanray1 at gmail.com>
> > ---
> I remember Joe has already created a patch for that over Christmas
> break; check lkml before sending this.
> Other than that, looks good.
Yes I found it:
He has converted the uses in code. But I don't think he has created
the checkpatch rule yet. I will try sending it out to him.
More information about the Linux-kernel-mentees