lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Sun, 14 Aug 2022 04:02:53 +0200
From:   Wolfram Sang <wsa@...nel.org>
To:     Linus Torvalds <torvalds@...ux-foundation.org>,
        Julia Lawall <julia.lawall@...ia.fr>,
        linux-i2c@...r.kernel.org, linux-kernel@...r.kernel.org,
        cocci@...teme.lip6.fr
Subject: Re: [PULL REQUEST] i2c-for-5.20-part2

On Sun, Aug 14, 2022 at 02:33:40AM +0200, Wolfram Sang wrote:
> 
> >  (b) auto-convert (with a coccinelle script) all the 'strlcpy()' users
> > that don't care about the return value, and leave a few broken users
> > of strlcpy around
> > 
> > I think (b) is the simpler thing, but I have no idea how to write a
> > coccinelle patch that basically does "if return value of strlcpy is
> > not used, convert the strlcpy to a strscpy".
> 
> That shouldn't be hard. I'll give it a try tomorrow.

So, I tried right away and it was really as easy as expected:

===
@@
@@
- strlcpy
+ strscpy
  (...);
===

The ';' at the end ensures that spatch only looks for complete
statements not containing anything more than expressed.

I pushed out a branch for the testbots now:

git://git.kernel.org/pub/scm/linux/kernel/git/wsa/linux.git renesas/strlcpy

Patch granularity might not be perfect currently, but for testing this
should do.

All the best,

   Wolfram


Download attachment "signature.asc" of type "application/pgp-signature" (834 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ