Re: [PATCH] net: ethernet: broadcom: replace strcpy with strscpy

Next message: Easwar Hariharan: "Re: [PATCH v4 0/3] Add support for clean shutdown with MSHV"
Previous message: Nicolin Chen: "Re: [PATCH v5 09/14] iommu/amd: Introduce struct amd_iommu_viommu"
In reply to: Shi Hao: "[PATCH] net: ethernet: broadcom: replace strcpy with strscpy"
Next in thread: ShiHao: "Re: [PATCH] net: ethernet: broadcom: replace strcpy with strscpy"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

From: David Laight

Date: Thu Nov 13 2025 - 14:22:24 EST

On Thu, 13 Nov 2025 13:55:17 +0530
Shi Hao <i.shihao.999@xxxxxxxxx> wrote:

> Replace strcpy function calls with strscpy to ensure bounds checking
> in the destination buffer, preventing buffer overflows and improving
> security. This change aligns with current kernel coding guidelines
> and best practices.
>
...
> - strcpy(tp->board_part_number, "BCM5717");
> + strscpy(tp->board_part_number, "BCM5717", TG3_BPN_SIZE);

No one really knows that TG3_BPN_SIZE is in any way related to the destination.
So this doesn't actually make the code that much better at all.

Since tp->board_part_number is an array and "BCM5717" a constant I suspect
there is already a compile-time check that the string fits.
The strcpy() will also be converted to a memcpy().

So all, in all, this makes the code worse on several fronts.

David