lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <ZcPDMZFPY08S4MGR@duo.ucw.cz>
Date: Wed, 7 Feb 2024 18:51:45 +0100
From: Pavel Machek <pavel@....cz>
To: Justin Stitt <justinstitt@...gle.com>
Cc: Kees Cook <keescook@...omium.org>, Andy Shevchenko <andy@...nel.org>,
	Rasmus Villemoes <linux@...musvillemoes.dk>,
	linux-hardening@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [RFC] string: Allow 2-argument strscpy()

Hi!

> > Using sizeof(dst) is the overwhelmingly common case for strscpy().
> > Instead of requiring this everywhere, allow a 2-argument version to be
> > used that will use the sizeof() internally.
> 
> Yeah, this is definitely the case. I have a ton of patches replacing
> strncpy with strscpy [1] and many of them match the pattern of:
> | strscpy(dest, src, sizeof(dest))
> 
> BTW, this hack for function overloading is insane. Never really looked into
> it before.

This hack is insane, but this is also highly confusing, please don't
do this.

BR,
									Pavel
-- 
People of Russia, stop Putin before his war on Ukraine escalates.

Download attachment "signature.asc" of type "application/pgp-signature" (196 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ