tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: strscpy



Le 30/05/2020 à 17:41, Taylor R Campbell a écrit :
All that said, I think we should go through an exercise of converting
various different uses of strlcpy to any proposed semantics to see if
it makes sense for them and/or fixes bugs and/or improves legibility.

Here is a patch that converts all of the copystr() calls in the kernel to
strkcpy(). One exception is vfs_subr.c where it will be done differently
and isn't included here.

	https://m00nbsd.net/garbage/libkern/strkcpy.diff

This covers the "difficult" cases. The rest is easy and can be switched
almost mechanically.

What can be noted is that there are more cases where we want the size
instead of the length in the return value. But that won't be true when
we include the ~dozen of misc strlcpy() calls that check return value,
and expect a length rather than a size.

Overall, this implementation seems rather good to me.

Maxime


Home | Main Index | Thread Index | Old Index