Received: by 2002:a05:6a10:1287:0:0:0:0 with SMTP id d7csp2059807pxv; Sat, 24 Jul 2021 04:13:59 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwTb+RoY45PHgzuLpzpi/A6HmdUr8i9QjfSB0XtjME1v3k4f8P+F4/xrvF6e9H9gBRWKaK6 X-Received: by 2002:aa7:d397:: with SMTP id x23mr10646790edq.174.1627125238942; Sat, 24 Jul 2021 04:13:58 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1627125238; cv=none; d=google.com; s=arc-20160816; b=hMa93VOmYuei2bXivcTEn/cfG6svhxcbnMrtF2yf8bgjMZpwrT0f4dzzQqkmM83ug9 ejr2/0qm6M2FU6zZYMsTcFvFFd8LWH5goBg4MqjV8A7xywtiUkfoMOegHKvk3wEl/I0o hqYo7YthXadOs7rfN/NJEXyqt5R7fZ6oaS8R5f+EfKg5XsDXwPEfoi2Rk9eYITeSVC0C ES3DPymXMzTjZy33Rg5I3tt7fkNg7+i7q5tgZ/d+uOVCXn6U95gHt7jlEUHidSj2gbxk hqDp9s6lVXWywcd+Y4un3malPRjb+KomEVjxeqr9jyxVw+nN2GWjibrRUYuegHra+vd4 KG7A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:in-reply-to :content-disposition:mime-version:references:message-id:subject:cc :to:from:date:dkim-signature; bh=KYk7VoM8GnioRiHccFVzWQ5tNdeknd022jiBtNvdCtI=; b=WxedVfUVCfO6o6cAbY6m63SaoNPFtihvRUOj69twknwLgzNVt5LcJLfkNh9k/WpkDA CpQaSx+12ue4oLuGyVmw1FveJVgbet4F211WviSpN7+lkysfYJuR3LMWtRezQlb8lOZt diSGs0iJHI4VEB0dciSkr18ANJOJlJKBKLInQM7btRyAJhKQ313YkvRDUKcuVdJcotYF U+rvSGviu79FwdF42BzvpxzggTdDzqFl6r2xLZMmV+wNZv96azN9M1nC16NoGlm+Qfiy bMoSgeK1GY2zn4eW5Dt1ULby9MDkv0zdOzrlQWUVtiqm3W/YKj3yD1x2OPCMZpOPLDUW m3og== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@gmx.net header.s=badeba3b8450 header.b=a87pv1Kw; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gmx.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id o1si36410681edr.440.2021.07.24.04.13.33; Sat, 24 Jul 2021 04:13:58 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@gmx.net header.s=badeba3b8450 header.b=a87pv1Kw; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=gmx.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231955AbhGXK32 (ORCPT + 99 others); Sat, 24 Jul 2021 06:29:28 -0400 Received: from mout.gmx.net ([212.227.15.15]:55457 "EHLO mout.gmx.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230094AbhGXK32 (ORCPT ); Sat, 24 Jul 2021 06:29:28 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=badeba3b8450; t=1627124983; bh=I7mxd5VcyCEIOuEVnYddEO8MCpGzXZD1UMUFjtjuZDw=; h=X-UI-Sender-Class:Date:From:To:Cc:Subject:References:In-Reply-To; b=a87pv1KwZL6O1bhqDmgpBjeZFyTyfTjqXM8aRp/s4LFJoaUpQiszVWRYKWmKOPl4o r7FX3cQCbrgBFc/X5aFJ70sMqXKJIulLEAzVmL+vS/AznIeeiej/iCrai5y1AZN97K 9a5Droo2pr43ImFy3Itgp9JGdYRSqGHRS8hMQ+DI= X-UI-Sender-Class: 01bb95c1-4bf8-414a-932a-4f6e2808ef9c Received: from titan ([83.52.228.41]) by mail.gmx.net (mrgmx005 [212.227.17.184]) with ESMTPSA (Nemesis) id 1MpDJd-1lIkHo21S3-00qgNc; Sat, 24 Jul 2021 13:09:43 +0200 Date: Sat, 24 Jul 2021 13:09:31 +0200 From: Len Baker To: Andy Shevchenko Cc: Len Baker , Greg Kroah-Hartman , Phil Reid , dri-devel , "open list:FRAMEBUFFER LAYER" , linux-staging@lists.linux.dev, Linux Kernel Mailing List Subject: Re: [PATCH] staging/fbtft: Remove all strcpy() uses Message-ID: <20210724110931.GA4709@titan> References: <20210718133920.15825-1-len.baker@gmx.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: X-Provags-ID: V03:K1:hAZjLwuqO94d/UpjOqeAOLypbiz0VuSzukPMHWa+XYX6Y+vnhZp VxQvktFaDZ5Y8LK/xX7J6w8VyPP2Zdix8R3xZ28peruM6aLKmvK6Ee7+Dm9Z0AgGH/YDDD5 yTVfM0Qbb+awntKxxa4byQJa6oNbM7omU6bzjuW5sHUT7jx/y/3DTqfk+cLj42xHR8aKxAz 2oc6SnIzFFvckxjGCRa0A== X-Spam-Flag: NO X-UI-Out-Filterresults: notjunk:1;V03:K0:McaxoLakj4E=:dHY9KJtjnMypOmGHVH52iL fFYd/jF7e3htCiKPJjevmX5qZ03k6W0JU17BrdPxVSowh/ViXn1cPV5j0fL3szxvkUGqrlv+j GTA8DqbQAkycOn1StzpSRKOSuwVvKv7cgcdvkFYTiJ+hkdGit6vu8c82Dk+UfOK3YuhXU5qUH ByY0g8NSFjfn83w8Tn6m2eq+w618z8pFtDlQRICFXRkPnW/JCvvAJiL8i9mke7LtaOBLIMBHR t9D250XG5APUeYor87wAUnmirqVC/lmAQzU4zPsUjXagawfNs9VT+1hA5C8RWR6r2HB3/tHto ZGoMOn340F1ZqqxpqKHci8UyqFd2aANCkxcsdFB9nciq6cYBNpGSI/042vZ08kO29kK33GOy8 nGlpHwKh4TByWWBgxeeAzyBKdf5XF2M25RIuao9fKlR0GjCXKyGMUI/9KpLgXdwxiXnjs+xD4 C2xX0w/iFohQku5aDOf+wi0tmpfkbTEceFyyzjjDXX4W5cMk4TfwTIdawKNvnoA6WvyZfVY4s niaOCHnfXDldeSLB1DiNQHW3mrpaEQwBfmjVYlotg7bLHAQ3cgZi9/KzAxQkrZBGWTdz9n646 sO1JXqTqWGFixwFaG/2DocAipSYb5IdQxndnxmvLYfMFySP746V/1zyCci30SEOoouVxv3qqB bKFJepRUj1VdokfNdWIzxMC59dpJUMgAU8dc0GW90aKJqvfH1WWVIgoSMEJPo3zjiJDE+xDY6 i+ew8hNZSRkX0Ce0va1Oltrat2ps43XXAaxpMr72Wy22eG3U20eN8v1sxK1zrK0l5oJ7MlObZ rPVMe0/Kv3Ssn9psy7fe+PH2C4XJuuD4uyZ0VALojaRZKtbeBzvI126vCb36HiV/ISAocxXA+ isc2KAItqIYtOKLEp8iaINq9rmt8sjjOHNPlXXZ9xUNa66LVoitoAVf1c26fZiyIqT9KYXmCa o1ufsFC6XyD6OPl2E19syoyaDFXQco0t4UFgZ6nUM83rV0MntZU2JDNskFLRFwcygkM4Ru2Mk GuDrHahYVbIafQ5rhh3SbvOe4bOgyv54G7YrOenxvl/8I3dcVUE47+fpiiTiLU27Vs2EkDZva 4HFQP7ci2vtu3jQXJchNvZ3C/YmsRs79kun Content-Transfer-Encoding: quoted-printable Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org Hi, On Sun, Jul 18, 2021 at 10:42:42PM +0300, Andy Shevchenko wrote: > On Sun, Jul 18, 2021 at 4:43 PM Len Baker wrote: > > > > strcpy() performs no bounds checking on the destination buffer. This > > could result in linear overflows beyond the end of the buffer, leading > > to all kinds of misbehaviors. The safe replacement is strscpy() but in > > this case it is simpler to add NULL to the first position since we wan= t > > to empty the string. > > > This is a previous step in the path to remove the strcpy() function. > > Any document behind this (something to read on the site(s) more or > less affiliated with what is going to happen in the kernel) to read > background? This is a task of the KSPP (kernel self protection project) [1] [1] https://github.com/KSPP/linux/issues/88 > > ... > > > case -1: > > i++; > > /* make debug message */ > > - strcpy(msg, ""); > > + msg[0] =3D 0; > > Strictly speaking it should be '\0'. Ok, understood. > > > j =3D i + 1; > > while (par->init_sequence[j] >=3D 0) { > > sprintf(str, "0x%02X ", par->init_sequ= ence[j]); > > > -- > With Best Regards, > Andy Shevchenko Thanks for the feedback, Len