LinuxLists.cc - [PATCH] net: qcom/emac: Replace strlcpy with strscpy

2021-09-06 14:00:26

Subject: [PATCH] net: qcom/emac: Replace strlcpy with strscpy

The strlcpy should not be used because it doesn't limit the source
length. As linus says, it's a completely useless function if you
can't implicitly trust the source string - but that is almost always
why people think they should use it! All in all the BSD function
will lead some potential bugs.

But the strscpy doesn't require reading memory from the src string
beyond the specified "count" bytes, and since the return value is
easier to error-check than strlcpy()'s. In addition, the implementation
is robust to the string changing out from underneath it, unlike the
current strlcpy() implementation.

Thus, We prefer using strscpy instead of strlcpy.

Signed-off-by: Jason Wang <[email protected]>
---
drivers/net/ethernet/qualcomm/emac/emac-ethtool.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/net/ethernet/qualcomm/emac/emac-ethtool.c b/drivers/net/ethernet/qualcomm/emac/emac-ethtool.c
index 79e50079ed03..f72e13b83869 100644
--- a/drivers/net/ethernet/qualcomm/emac/emac-ethtool.c
+++ b/drivers/net/ethernet/qualcomm/emac/emac-ethtool.c
@@ -100,7 +100,7 @@ static void emac_get_strings(struct net_device *netdev, u32 stringset, u8 *data)

case ETH_SS_STATS:
for (i = 0; i < EMAC_STATS_LEN; i++) {
- strlcpy(data, emac_ethtool_stat_strings[i],
+ strscpy(data, emac_ethtool_stat_strings[i],
ETH_GSTRING_LEN);
data += ETH_GSTRING_LEN;
}
--
2.33.0

2021-09-06 15:51:49

by patchwork-bot+netdevbpf

[permalink] [raw]

Subject: Re: [PATCH] net: qcom/emac: Replace strlcpy with strscpy

Hello:

This patch was applied to netdev/net.git (refs/heads/master):

On Mon, 6 Sep 2021 21:56:53 +0800 you wrote:
> The strlcpy should not be used because it doesn't limit the source
> length. As linus says, it's a completely useless function if you
> can't implicitly trust the source string - but that is almost always
> why people think they should use it! All in all the BSD function
> will lead some potential bugs.
>
> But the strscpy doesn't require reading memory from the src string
> beyond the specified "count" bytes, and since the return value is
> easier to error-check than strlcpy()'s. In addition, the implementation
> is robust to the string changing out from underneath it, unlike the
> current strlcpy() implementation.
>
> [...]

Here is the summary with links:
- net: qcom/emac: Replace strlcpy with strscpy
https://git.kernel.org/netdev/net/c/0a83299935f0

You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html