lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Sat, 07 Aug 2021 08:17:39 -0700
From:   Joe Perches <>
To:     Len Baker <>, Kees Cook <>
Cc:     "Russell King (Oracle)" <>,
        Dmitry Torokhov <>,
        Lee Jones <>,
        Uwe Kleine-K├Ânig 
Subject: Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of

On Sat, 2021-08-07 at 16:02 +0200, Len Baker wrote:
> On Sun, Aug 01, 2021 at 09:44:33AM -0700, Kees Cook wrote:
> > One thing is clear: replacing strlcpy() with strscpy() is probably the
> > easiest and best first step to cleaning up the proliferation of str*()
> > functions.
> Thanks for all this info. I will work on it (clean up the proliferation
> of str*() functions).


It's not possible to sed as the return value is different,
but here is a cocci script that converts strlcpy to strscpy
when the return value is unused.

    expression e1, e2, e3;
    -       strlcpy(
    +       strscpy(
            e1, e2, e3);

This cocci script was used on sound/ awhile back.
see commit 75b1a8f9d62e.

Powered by blists - more mailing lists