Subject: Re: strl{cpy,cat} into libkern
To: Noriyuki Soda <>
From: Greg 'groggy' Lehey <>
List: tech-kern
Date: 05/15/2003 13:51:40
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline

On Thursday, 15 May 2003 at  0:42:59 +0900, Noriyuki Soda wrote:
>>>>>> On Thu, 15 May 2003 00:33:58 +0900,
> 	Jun-ichiro itojun Hagino <> said:
>> 	is it ok if i introduce strl{cpy,cat} into libkern?  strcpy -> strlcpy
>> 	rewrite will be next.
> Is there any insecure usage of str{cpy,cat} in kernel?

If not, there would be when (if) Vinum gets imported.

> But I don't think it's right thing to blindly rewrite str{cpy,cat}
> to strl{cpy,cat}, because there are many cases that completely
> secure usage of str{cpy,cat}.


Ted Unangst has recently ported Vinum to OpenBSD, and one of the few
changes he made was to change some strcpys to strlcpys, etc.  For

-           strcpy(ioctl_reply->msg, text);
+           strlcpy(ioctl_reply->msg, text, sizeof(ioctl_reply->msg));

On the other hand, it doesn't seem to be necessary to change this kind
of call:

		strcpy(ioctl_reply->msg, "no additional drives found");

This relies on knowing that ioctl_reply->msg is much bigger than any
normal text, of course.

Finger for PGP public key
See complete headers for address and phone numbers

Content-Type: application/pgp-signature
Content-Disposition: inline

Version: GnuPG v1.2.0 (FreeBSD)