Re: [PATCH v3] drivers/edac/edac_mc: Remove all strcpy() uses

From: Joe Perches
Date: Sat Aug 07 2021 - 13:10:04 EST

Next message: Wen Yang: "[PATCH] ipv4: return early for possible invalid uaddr"
Previous message: Vladimir Oltean: "Re: [PATCH v3 net-next 05/10] net: dsa: microchip: add DSA support for microchip lan937x"
In reply to: Len Baker: "[PATCH v3] drivers/edac/edac_mc: Remove all strcpy() uses"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Sat, 2021-08-07 at 17:59 +0200, Len Baker wrote:
> strcpy() performs no bounds checking on the destination buffer. This
> could result in linear overflows beyond the end of the buffer, leading
> to all kinds of misbehaviors. The safe replacement is strscpy().

Probably better to change the commit subject to something like
what is generally used by the subsystem.

Maybe:
EDAC/mc: Convert strcpy to strscpy
or
EDAC/mc: Prefer strscpy over strcpy

and also:

> diff --git a/drivers/edac/edac_mc.c b/drivers/edac/edac_mc.c
[]
> @@ -1113,11 +1115,11 @@ void edac_mc_handle_error(const enum hw_event_mc_err_type type,
> p = e->label;
> *p = '\0';
> } else {
> - if (p != e->label) {
> - strcpy(p, OTHER_LABEL);
> - p += strlen(OTHER_LABEL);
> - }
> - strcpy(p, dimm->label);
> + const char *text = (p != e->label) ? OTHER_LABEL :
> + dimm->label;
> +
> + strscpy(p, text, len);
> + len -= strlen(p);
> p += strlen(p);

Perhaps this should use scnprintf rather than strscpy
Something like:
n += scnprintf(buf + n, len - n, "%s",
p == e->label ? dim->label : OTHER_LABEL);

Next message: Wen Yang: "[PATCH] ipv4: return early for possible invalid uaddr"
Previous message: Vladimir Oltean: "Re: [PATCH v3 net-next 05/10] net: dsa: microchip: add DSA support for microchip lan937x"
In reply to: Len Baker: "[PATCH v3] drivers/edac/edac_mc: Remove all strcpy() uses"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]