| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <aAdNVAzu0rmIfGGC@smile.fi.intel.com>
Date: Tue, 22 Apr 2025 11:03:32 +0300
From: Andy Shevchenko <andriy.shevchenko@...ux.intel.com>
To: Thorsten Blum <thorsten.blum@...ux.dev>
Cc: Thomas Bogendoerfer <tsbogend@...ha.franken.de>,
Alexander Sverdlin <alexander.sverdlin@...il.com>,
Linus Walleij <linus.walleij@...aro.org>,
Bartosz Golaszewski <bartosz.golaszewski@...aro.org>,
linux-hardening@...r.kernel.org, linux-mips@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] MIPS: BCM63XX: Replace strcpy() with strscpy() in
board_prom_init()
On Tue, Apr 22, 2025 at 09:42:55AM +0200, Thorsten Blum wrote:
> strcpy() is deprecated; use strscpy() instead.
> Link: https://github.com/KSPP/linux/issues/88
> Cc: linux-hardening@...r.kernel.org
Can you use --cc OR put this line...
> Signed-off-by: Thorsten Blum <thorsten.blum@...ux.dev>
> ---
...here (after the cutter), so we won't see this in the commit message? The
list will be available in the lore archive anyway.
> @@ -764,7 +764,7 @@ void __init board_prom_init(void)
> snprintf(cfe_version, 12, "%s", (char *) &cfe[4]);
> }
> } else {
> - strcpy(cfe_version, "unknown");
> + strscpy(cfe_version, "unknown");
> }
Have you compiled this with `make W=1` with recent GCCs? I would recommend to
rewrite the whole function, as per commit ee44a1def7ee ("leds: core: Bail out
when composed name can't fit the buffer") in Linux Next.
--
With Best Regards,
Andy Shevchenko
Powered by blists - more mailing lists