lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <CAD=FV=UhEeZdCwL0kVmDHZF03q+Jp5iOiUvbNNoCDuBr3os9qQ@mail.gmail.com>
Date: Mon, 18 Aug 2025 13:42:15 -0700
From: Doug Anderson <dianders@...omium.org>
To: Thorsten Blum <thorsten.blum@...ux.dev>
Cc: Jason Wessel <jason.wessel@...driver.com>, Daniel Thompson <danielt@...nel.org>, 
	Nir Lichtman <nir@...htman.org>, Yuran Pereira <yuran.pereira@...mail.com>, 
	Greg Kroah-Hartman <gregkh@...uxfoundation.org>, Zhang Heng <zhangheng@...inos.cn>, 
	"Dr. David Alan Gilbert" <linux@...blig.org>, linux-hardening@...r.kernel.org, 
	Daniel Thompson <daniel@...cstar.com>, kgdb-bugreport@...ts.sourceforge.net, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH 4/4] kdb: Replace deprecated strcpy() with helper function
 in kdb_defcmd()

Hi,

On Mon, Aug 18, 2025 at 11:13 AM Thorsten Blum <thorsten.blum@...ux.dev> wrote:
>
> +/*
> + * kdb_strdup_dequote - same as kdb_strdup(), but trims surrounding quotes from
> + *                     the input string if present.
> + * Remarks:
> + *     Quotes are only removed if there is both a leading and a trailing quote.
> + */
> +char *kdb_strdup_dequote(const char *str, gfp_t type)
> +{
> +       size_t len = strlen(str);
> +       char *s;
> +
> +       if (str[0] == '"' && len > 1 && str[len - 1] == '"') {
> +               /* trim both leading and trailing quotes */
> +               str++;
> +               len -= 2;
> +       }
> +
> +       len++; /* add space for NUL terminator */
> +
> +       s = kmalloc(len, type);
> +       if (!s)
> +               return NULL;
> +
> +       memcpy(s, str, len);
> +       s[len - 1] = '\0';

Very nitty, but technically the above memcpy() could pass "len - 1", right?

It doesn't really matter other than the wasteful copy of 1-byte, so:

Reviewed-by: Douglas Anderson <dianders@...omium.org>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ