> -----Original Message-----
> From: Joe Perches [mailto:[email protected]]
> Sent: Monday, July 22, 2019 11:11 PM
> To: Kees Cook <[email protected]>; Gote, Nitin R
> <[email protected]>
> Cc: [email protected]; [email protected]; [email protected];
> [email protected]; [email protected]
> Subject: Re: [PATCH v5] Documentation/checkpatch: Prefer
> strscpy/strscpy_pad over strcpy/strlcpy/strncpy
>
> On Mon, 2019-07-22 at 10:30 -0700, Kees Cook wrote:
> > On Wed, Jul 17, 2019 at 10:00:05AM +0530, NitinGote wrote:
> > > From: Nitin Gote <[email protected]>
> > >
> > > Added check in checkpatch.pl to
> > > 1. Deprecate strcpy() in favor of strscpy().
> > > 2. Deprecate strlcpy() in favor of strscpy().
> > > 3. Deprecate strncpy() in favor of strscpy() or strscpy_pad().
> > >
> > > Updated strncpy() section in Documentation/process/deprecated.rst
> > > to cover strscpy_pad() case.
> > >
> > > Signed-off-by: Nitin Gote <[email protected]>
> >
> > Reviewed-by: Kees Cook <[email protected]>
> >
> > Joe, does this address your checkpatch concerns?
>
> Well, kinda.
>
> strscpy_pad isn't used anywhere in the kernel.
>
> And
>
> + "strncpy" => "strscpy, strscpy_pad or for
> non-
> NUL-terminated strings, strncpy() can still be used, but destinations should
> be marked with __nonstring",
>
> is a bit verbose. This could be simply:
>
> + "strncpy" => "strscpy - for non-NUL-terminated uses, strncpy() dst
> should be __nonstring",
>
But, if the destination buffer needs extra NUL-padding for remaining size of
destination,
then safe replacement is strscpy_pad(). Right? If yes, then what is your
opinion on below change :
"strncpy" => "strscpy, strcpy_pad - for non-NUL-terminated uses,
strncpy() dst
should be __nonstring",
> And I still prefer adding stracpy as it
> reduces code verbosity and eliminates defects.
>
-Nitin
