Re: [PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in inputbox.c

From: Franco Martelli
Date: Fri Jul 25 2025 - 05:55:14 EST


On 25/07/25 at 07:59, Suchit Karunakaran wrote:
strcpy() performs no bounds checking and can lead to buffer overflows if
the input string exceeds the destination buffer size. Replace it with
strscpy(), which ensures the input is always NULL-terminated and
prevents overflows.

Signed-off-by: Suchit Karunakaran <suchitkarunakaran@xxxxxxxxx>
---
scripts/kconfig/lxdialog/inputbox.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
index 3c6e24b20f5b..8880ccaffa0b 100644
--- a/scripts/kconfig/lxdialog/inputbox.c
+++ b/scripts/kconfig/lxdialog/inputbox.c
@@ -40,7 +40,7 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
if (!init)
instr[0] = '\0';
else
- strcpy(instr, init);
+ strscpy(instr, init, MAX_LEN + 1);
do_resize:
if (getmaxy(stdscr) <= (height - INPUTBOX_HEIGHT_MIN))
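
Review bot: the added strscpy(instr, init, MAX_LEN + 1) line ignores the return value, so an init string longer than the buffer is now silently truncated and the dialog opens on a shortened value; consider checking for a negative return and handling that case explicitly. The bound is also written as a literal MAX_LEN + 1 while the declaration of instr is not visible in this hunk, so the commit message should say where that size comes from, or the size should be derived from the buffer itself if it is an array in scope. Finally, the diffstat shows only this one-line change in a file under scripts/kconfig, which is built as a host tool, so please confirm that a strscpy() declaration is actually available to this file and that it still compiles.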

Perhaps it's better to sanitize the whole code in
scripts/kconfig, not only lxdialog/inputbox.c:

$ grep -Rn strcpy scripts/kconfig/*
scripts/kconfig/confdata.c:143: strcpy(depfile_path + depfile_prefix_len, name);
scripts/kconfig/lxdialog/util.c:348: strcpy(tempstr, prompt);
scripts/kconfig/lxdialog/inputbox.c:43: strcpy(instr, init);
scripts/kconfig/symbol.c:764: strcpy(val, newval);
scripts/kconfig/util.c:55: strcpy(gs.s, "\0");

because the script "checkpatch.pl" emits a warning
when the strcpy() function is used:

WARNING: Prefer strscpy over strcpy - see: https://github.com/KSPP/linux/issues/88

Kind regards,
--
Franco Martelli
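
For the strcpy() call sites listed above, a bounded copy that reports truncation can be written in plain C for a program built against the host libc. This is an added example, not code from the patch or from the kernel tree; bounded_copy() and set_initial_text() are hypothetical names, modelled on the documented behaviour of strscpy() (always NUL-terminate, return the copied length, or -E2BIG if the source did not fit).

```c
#include <errno.h>
#include <stddef.h>
#include <string.h>

/* Hypothetical helper: copy src into dst (size bytes), never overflow,
 * always NUL-terminate, and report truncation as -E2BIG. */
long bounded_copy(char *dst, const char *src, size_t size)
{
	size_t len;

	if (size == 0)
		return -E2BIG;

	/* Measure src without reading more than size bytes of it. */
	for (len = 0; len < size && src[len] != '\0'; len++)
		;

	if (len == size) {              /* no NUL seen: source does not fit */
		memcpy(dst, src, size - 1);
		dst[size - 1] = '\0';
		return -E2BIG;
	}
	memcpy(dst, src, len + 1);      /* includes the terminating NUL */
	return (long)len;
}

/* Constructed caller shaped like the patched site: fill instr from init
 * and surface truncation instead of silently shortening the value. */
int set_initial_text(char *instr, size_t instr_size, const char *init)
{
	if (!init) {
		instr[0] = '\0';
		return 0;
	}
	return bounded_copy(instr, init, instr_size) < 0 ? -1 : 0;
}

int main(void)
{
	char buf[8];                    /* constructed small buffer for the demo */

	if (set_initial_text(buf, sizeof(buf), "short") != 0)
		return 1;
	/* A too-long value is rejected, yet buf stays a valid string. */
	return set_initial_text(buf, sizeof(buf), "much too long") == -1 ? 0 : 1;
}
```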