Re: deprecated.rst: deprecated strcpy ? (was: [PATCH] checkpatch: add a new check for strcpy/strlcpy uses)

On Thu, Jan 07, 2021 at 04:51:31PM -0800, Joe Perches wrote: > I still like the stracpy variant I proposed: > > https://lore.kernel.org/lkml/24bb53c57767c1c2a8f266c305a67...@sk2.org/T/#m0627aa770a076af1937cb5c610ed71dab3f1da72 > https://lore.kernel.org/lkml/CAHk-=wgqQKoAnhmhGE-2PBFt7oQs9LLAATKbYa5

RE: deprecated.rst: deprecated strcpy ? (was: [PATCH] checkpatch: add a new check for strcpy/strlcpy uses)

From: Joe Perches > Sent: 08 January 2021 00:52 ... > > The original goal was to use another helper that worked on static > > strings like this. Linus rejected that idea, so we're in a weird place. > > I think we could perhaps build a strcpy() replacement that requires > > compile-time validated ar

Re: deprecated.rst: deprecated strcpy ? (was: [PATCH] checkpatch: add a new check for strcpy/strlcpy uses)

On Thu, 2021-01-07 at 13:16 -0800, Kees Cook wrote: > On Tue, Jan 05, 2021 at 01:28:18AM -0800, Joe Perches wrote: > > On Tue, 2021-01-05 at 14:29 +0530, Dwaipayan Ray wrote: > > > On Tue, Jan 5, 2021 at 2:14 PM Joe Perches wrote: > > > > > > > > On Tue, 2021-01-05 at 13:53 +0530, Dwaipayan Ray w

Re: deprecated.rst: deprecated strcpy ? (was: [PATCH] checkpatch: add a new check for strcpy/strlcpy uses)

On Tue, Jan 05, 2021 at 01:28:18AM -0800, Joe Perches wrote: > On Tue, 2021-01-05 at 14:29 +0530, Dwaipayan Ray wrote: > > On Tue, Jan 5, 2021 at 2:14 PM Joe Perches wrote: > > > > > > On Tue, 2021-01-05 at 13:53 +0530, Dwaipayan Ray wrote: > > > > strcpy() performs no bounds checking on the dest

RE: [PATCH] checkpatch: add a new check for strcpy/strlcpy uses

From: Joe Perches > Sent: 05 January 2021 08:44 > > On Tue, 2021-01-05 at 13:53 +0530, Dwaipayan Ray wrote: > > strcpy() performs no bounds checking on the destination buffer. > > This could result in linear overflows beyond the end of the buffer. > > > > strlcpy() reads the entire source buffer f

deprecated.rst: deprecated strcpy ? (was: [PATCH] checkpatch: add a new check for strcpy/strlcpy uses)

On Tue, 2021-01-05 at 14:29 +0530, Dwaipayan Ray wrote: > On Tue, Jan 5, 2021 at 2:14 PM Joe Perches wrote: > > > > On Tue, 2021-01-05 at 13:53 +0530, Dwaipayan Ray wrote: > > > strcpy() performs no bounds checking on the destination buffer. > > > This could result in linear overflows beyond the

Re: [PATCH] checkpatch: add a new check for strcpy/strlcpy uses

On Tue, Jan 5, 2021 at 2:14 PM Joe Perches wrote: > > On Tue, 2021-01-05 at 13:53 +0530, Dwaipayan Ray wrote: > > strcpy() performs no bounds checking on the destination buffer. > > This could result in linear overflows beyond the end of the buffer. > > > > strlcpy() reads the entire source buffer

Re: [PATCH] checkpatch: add a new check for strcpy/strlcpy uses

On Tue, 2021-01-05 at 13:53 +0530, Dwaipayan Ray wrote: > strcpy() performs no bounds checking on the destination buffer. > This could result in linear overflows beyond the end of the buffer. > > strlcpy() reads the entire source buffer first. This read > may exceed the destination size limit. Thi

[PATCH] checkpatch: add a new check for strcpy/strlcpy uses

strcpy() performs no bounds checking on the destination buffer. This could result in linear overflows beyond the end of the buffer. strlcpy() reads the entire source buffer first. This read may exceed the destination size limit. This can be both inefficient and lead to linear read overflows. The