Received: by 2002:ac0:a5a7:0:0:0:0:0 with SMTP id m36-v6csp2231412imm;
        Mon, 16 Jul 2018 04:43:25 -0700 (PDT)
X-Google-Smtp-Source: AAOMgpegoQm3KwFsX/JR3eLdLv+BiblMAdfoCq2Te5JWGZYzZDiHH/2N1rm526wqftKnvSd8SgXC
X-Received: by 2002:a63:5421:: with SMTP id i33-v6mr15472571pgb.417.1531741405004;
        Mon, 16 Jul 2018 04:43:25 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1531741404; cv=none;
        d=google.com; s=arc-20160816;
        b=jlCdIZ/LbYAWr9cdyt5I29uR+nRVr4sSSfknbXLnzO6apDeyMC5gT/+3uqVPRDJWgi
         tKdmHjFhDIvDYkZPiCWNx50zy0Pn1NclG0GvvBV74ayXypUZVT2odgOhJlV7hW4it5BU
         47DXOzirQDTifdHPsRXIGFeC5tW7IIGiAwMslqlXBzVh1CO3NUf0faqaj3ELYHI+DVI7
         txpYXaHLFlj2KrYVq1Tlf6RnWSDat2wBeJzjuUCe/GL0rzhtbmHzNa3q+82JxDVlnTo7
         4PQLMmX2fRqeaTHHL2VXaIzu3hA4yAvEnusvikIktFOAIozJHIFndKdRrgIAvjsOD3B9
         GiRQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816;
        h=list-id:precedence:sender:user-agent:in-reply-to
         :content-transfer-encoding:content-disposition:mime-version
         :references:message-id:subject:cc:to:from:date
         :arc-authentication-results;
        bh=Edvst6d2xHcS+DECTeTKTPFuVmHUPcF1i3gJNqGa584=;
        b=m+gEiybiZtF/Wn8QgxnPZL+PAqmwoiIWXLgjzuGb+8zUYhK3KILjLahNilI4XOcSxp
         Tnpt1rmgPAk9bxQDFE4kttPn1wO6Z3A/d2k0syaGa0Bd5hhlbNwUCu0Q/QGJb/7TvoZX
         Fxhg3y57HeviB/yMSYMCX3X2abHiyw8SPsjFsYVf7aaNNIcCOUwzQx5IXPkbDNzWcyQ1
         QyjVYKYq12/nUCw6+glpDX9G6GXMHn+GeP9+FlxCWkjfYw6UcK1NZWIP6Pz9ZET7mxgg
         5WwHf/0iIkK99TZEYFpteBWsILiT7o1bW9N9h1wJ7CzJcUYDGeYV/J9B8yJkgG51/9VH
         V/qg==
ARC-Authentication-Results: i=1; mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Return-Path: <linux-kernel-owner@vger.kernel.org>
Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67])
        by mx.google.com with ESMTP id y63-v6si29580496pgb.5.2018.07.16.04.43.09;
        Mon, 16 Jul 2018 04:43:24 -0700 (PDT)
Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67;
Authentication-Results: mx.google.com;
       spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
        id S1730897AbeGPMJ0 (ORCPT <rfc822;noahbdev@gmail.com> + 99 others);
        Mon, 16 Jul 2018 08:09:26 -0400
Received: from nautica.notk.org ([91.121.71.147]:36062 "EHLO nautica.notk.org"
        rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP
        id S1728195AbeGPMJ0 (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
        Mon, 16 Jul 2018 08:09:26 -0400
Received: by nautica.notk.org (Postfix, from userid 1001)
        id 95CAEC009; Mon, 16 Jul 2018 13:42:21 +0200 (CEST)
Date:   Mon, 16 Jul 2018 13:42:06 +0200
From:   Dominique Martinet <asmadeus@codewreck.org>
To:     Jonathan Cameron <jic23@kernel.org>
Cc:     Hartmut Knaack <knaack.h@gmx.de>,
        Lars-Peter Clausen <lars@metafoo.de>,
        Peter Meerwald-Stadler <pmeerw@pmeerw.net>,
        Lorenzo Bianconi <lorenzo.bianconi83@gmail.com>,
        Linus Walleij <linus.walleij@linaro.org>,
        linux-iio@vger.kernel.org, linux-kernel@vger.kernel.org
Subject: Re: [PATCH 05/18] iio: change strncpy+truncation to strlcpy
Message-ID: <20180716114206.GA20555@nautica>
References: <1531444483-17338-1-git-send-email-asmadeus@codewreck.org>
 <1531445134-19250-1-git-send-email-asmadeus@codewreck.org>
 <20180715113907.3813384d@archlinux>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <20180715113907.3813384d@archlinux>
User-Agent: Mutt/1.5.21 (2010-09-15)
Sender: linux-kernel-owner@vger.kernel.org
Precedence: bulk
List-ID: <linux-kernel.vger.kernel.org>
X-Mailing-List: linux-kernel@vger.kernel.org

Jonathan Cameron wrote on Sun, Jul 15, 2018:
> On Fri, 13 Jul 2018 03:25:34 +0200
> Dominique Martinet <asmadeus@codewreck.org> wrote:
> > Generated by scripts/coccinelle/misc/strncpy_truncation.cocci
> > 
> > Signed-off-by: Dominique Martinet <asmadeus@codewreck.org>
> 
> Applied to the togreg branch of iio.git and pushed out as testing
> for the autobuilders to play with it.

Thanks!

I have been pointed out that strlcpy, unlike strncpy, will read past the
size given in the input string and thus is Bad™ if the input string is
not nul terminated.

After taking the time to check I believe this should not happen as the
original name seems to come from a dentry's d_name after proper
preparation (a buffer is allocated precisely for this purpose), but it
will not hurt to wait for that version.


The second reason I was waiting is that I intended to check for each
patch if it is safe to not pad the end of the string with zeroes (to
avoid e.g. information leaks) and that seems OK as well here after a
quick check but I wouldn't trust my own eyes this late so I'll let you
be judge of that if you feel like taking v1 anyway.

Otherwise, I'll recheck properly and submit a v2 with strscpy and a
better commit message after the coccinelle script is taken for inclusion
and doing a better check but this might take a while longer.


Thanks,
-- 
Dominique Martinet