Re: [PATCH 2/6] lib/string: Fix erroneous 'overflow' documentation
From: Kees Cook
Date: Wed Feb 20 2019 - 19:02:54 EST
On Mon, Feb 18, 2019 at 3:24 PM Tobin C. Harding <tobin@xxxxxxxxxx> wrote:
>
> Current documentation uses 'overflow' to describe a situation where less
> data is written to a buffer than buffer size not more. 'overflow' is
> the wrong word here - since we don't typically say 'underflow' change
> the whole sentence.
>
> Fix erroneous 'overflow' documentation for under filled buffer.
>
> Signed-off-by: Tobin C. Harding <tobin@xxxxxxxxxx>
> ---
> lib/string.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/lib/string.c b/lib/string.c
> index 38e4ca08e757..7f1d72db53c5 100644
> --- a/lib/string.c
> +++ b/lib/string.c
> @@ -173,8 +173,8 @@ EXPORT_SYMBOL(strlcpy);
> *
> * Preferred to strncpy() since it always returns a valid string, and
> * doesn't unnecessarily force the tail of the destination buffer to be
> - * zeroed. If the zeroing is desired, it's likely cleaner to use strscpy()
> - * with an overflow test, then just memset() the tail of the dest buffer.
> + * zeroed. If the zeroing is desired, it's likely cleaner to use strscpy(),
> + * check the return size, then just memset() the tail of the dest buffer.
> */
I'd just fold this patch into the strscpy_zeroed() patch. No need for
a kind of "no op" change here when we'll just change it again with a
better advice ("use strscpy_zeroed()!")
--
Kees Cook