Re: [PATCH] crypto: essiv - Replace memcpy() + NUL-termination with strscpy()
From: Thorsten Blum
Date: Sun Mar 23 2025 - 09:09:31 EST
Hi David,
On 23. Mar 2025, at 11:20, David Laight wrote:
> On Sun, 16 Mar 2025 22:15:04 +0100 Thorsten Blum wrote:
>
>> Use strscpy() to copy the NUL-terminated string 'p' to the destination
>> buffer instead of using memcpy() followed by a manual NUL-termination.
>>
>> No functional changes intended.
>>
>> Signed-off-by: Thorsten Blum <thorsten.blum@xxxxxxxxx>
>> ---
>
> The 'len' argument to strscpy() is supposed to be the length of the
> buffer (in order to avoid overflow) not the number of characters.
Not necessarily, see linux/string.h:
/**
* strscpy - Copy a C-string into a sized buffer
* ...
* The size argument @... is only required when @dst is not an array, or
* when the copy needs to be smaller than sizeof(@dst).
* ...
*/
> In this case the bound check is before the copy (and the buffer assumed
> to be the right size!)
> So memcpy() + terminate is exactly correct.
Yes, this is simply a refactoring, there's nothing wrong with memcpy()
followed by a manual NUL-termination.
However, strscpy() is shorter and semantically better imo because we're
copying C-strings and not just raw bytes. strscpy() also has additional
compile-time checks regarding C-strings that memcpy() doesn't.
Thanks,
Thorsten