| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 27 Aug 2020 15:11:57 -0700
From: Joe Perches <joe@...ches.com>
To: David Laight <David.Laight@...LAB.COM>,
Julia Lawall <julia.lawall@...ia.fr>
Cc: Alex Dewar <alex.dewar90@...il.com>,
Rasmus Villemoes <linux@...musvillemoes.dk>,
cocci <cocci@...teme.lip6.fr>, Kees Cook <keescook@...omium.org>,
Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
"linux-usb@...r.kernel.org" <linux-usb@...r.kernel.org>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"Gustavo A. R. Silva" <gustavoars@...nel.org>,
"accessrunner-general@...ts.sourceforge.net"
<accessrunner-general@...ts.sourceforge.net>
Subject: Re: [Cocci] [PATCH] usb: atm: don't use snprintf() for sysfs attrs
On Thu, 2020-08-27 at 22:03 +0000, David Laight wrote:
> From: Joe Perches
> > Sent: 27 August 2020 21:30
> ...
> > Perhaps what's necessary is to find any
> > appropriate .show function and change
> > any use of strcpy/sprintf within those
> > function to some other name.
> >
> > For instance:
> >
> > drivers/isdn/mISDN/core.c-static ssize_t name_show(struct device *dev,
> > drivers/isdn/mISDN/core.c- struct device_attribute *attr, char *buf)
> > drivers/isdn/mISDN/core.c-{
> > drivers/isdn/mISDN/core.c: strcpy(buf, dev_name(dev));
> > drivers/isdn/mISDN/core.c- return strlen(buf);
> > drivers/isdn/mISDN/core.c-}
> > drivers/isdn/mISDN/core.c-static DEVICE_ATTR_RO(name);
>
> That form ends up calculating the string length twice.
> Better would be:
> len = strlen(msg);
> memcpy(buf, msg, len);
> return len;
or given clang's requirement for stpcpy
return stpcpy(buf, dev_name(dev)) - buf;
(I do not advocate for this ;)
Powered by blists - more mailing lists