Re: [PATCH] m68k: mm: Remove size argument when calling strscpy()
From: Finn Thain
Date: Thu Mar 06 2025 - 18:24:35 EST
On Thu, 6 Mar 2025, Geert Uytterhoeven wrote:
> On Mon, 3 Mar 2025 at 00:07, Thorsten Blum <thorsten.blum@xxxxxxxxx> wrote:
> > The size parameter of strscpy() is optional and specifying the size of
> > the destination buffer is unnecessary. Remove it to simplify the code.
> >
> > Signed-off-by: Thorsten Blum <thorsten.blum@xxxxxxxxx>
>
> Reviewed-by: Geert Uytterhoeven <geert@xxxxxxxxxxxxxx>
> i.e. will queue in the m68k tree for v6.15.
>
The commit message says "simplify the code" which is only true if you
never scratch the surface (i.e. it's simple code if the reader is simple
too...)
Commit 30035e45753b ("string: provide strscpy()") was a good idea. It was
easily auditable. But that's not what we have now.
Patches like this one (which appear across the whole tree) need reviewers
(lots of them) that know what kind of a bounds check you end up with when
you ask an arbitary compiler to evaluate this:
sizeof(dst) + __must_be_array(dst) + __must_be_cstr(dst) + __must_be_cstr(src)
Frankly, I can't be sure. But it's a serious question, and not what I'd
call a "simple" one.