Re: [PATCH] crypto: hisilicon - fix strncpy warning with strlcpy
From: Herbert Xu
Date: Thu Jun 04 2020 - 02:18:42 EST
On Thu, Jun 04, 2020 at 02:10:37PM +0800, Zhangfei Gao wrote:
>
> > Should this even allow truncation? Perhaps it'd be better to fail
> > in case of an overrun?
> I think we do not need consider overrun, since it at most copy size-1 bytes
> to dest.
> From the manual: strlcpy()
> This function is similar to strncpy(), but it copies at most
> size-1 bytes to dest, always adds a terminating null
> byte,
> And simple tested with smaller SIZE of interface.name, only SIZE-1 is
> copied, so it is safe.
> -#define UACCE_MAX_NAME_SIZE 64
> +#define UACCE_MAX_NAME_SIZE 4
That's not what I meant. As it is if you do exceed the limit the
name is silently truncated. Wouldn't it be better to fail the
allocation instead?
Cheers,
--
Email: Herbert Xu <herbert@xxxxxxxxxxxxxxxxxxx>
Home Page: http://gondor.apana.org.au/~herbert/
PGP Key: http://gondor.apana.org.au/~herbert/pubkey.txt