| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 12 Oct 2023 20:47:23 +0300
From: Calvince Otieno <calvncce@...il.com>
To: Greg Kroah-Hartman <gregkh@...uxfoundation.org>
Cc: outreachy@...ts.linux.dev, linux-kernel@...r.kernel.org,
Archana <craechal@...il.com>, Dan Carpenter <error27@...il.com>,
Simon Horman <horms@...nel.org>,
Bagas Sanjaya <bagasdotme@...il.com>,
linux-staging@...ts.linux.dev
Subject: Re: [PATCH v2] staging/wlan-ng: remove strcpy() use in favor of strscpy()
On Thu, Oct 12, 2023 at 7:42 PM Greg Kroah-Hartman
<gregkh@...uxfoundation.org> wrote:
>
> On Thu, Oct 12, 2023 at 05:01:57PM +0300, Calvince Otieno wrote:
> > In response to the suggestion by Dan Carpenter on the initial patch,
> > this patch provides a correct usage of the strscpy() in place of the
> > current strcpy() implementation.
> >
> > strscpy() copies characters from the source buffer to the destination
> > buffer until one of the following conditions is met:
> > - null-terminator ('\0') is encountered in the source string.
> > - specified maximum length of the destination buffer is reached.
> > - source buffer is exhausted.
> > Example:
> > char dest[11];
> > const char *PRISM2_USB_FWFILE = "prism2_ru.fw";
> > strscpy(dest, PRISM2_USB_FWFILE, sizeof(dest));
> >
> > In this case, strscpy copies the first 10 characters of src into dest
> > and add a null-terminator. dest will then contain "prism2_ru.f" with
> > proper null-termination.
> >
> > Since the specified length of the dest buffer is not derived from the
> > dest buffer itself and rather form plug length (s3plug[i].len),
> > replacing strcpy() with strscpy() is a better option because it will
> > ensures that the destination string is always properly terminated.
> >
> > Signed-off-by: Calvince Otieno <calvncce@...il.com>
> > ---
> > drivers/staging/wlan-ng/prism2fw.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/drivers/staging/wlan-ng/prism2fw.c b/drivers/staging/wlan-ng/prism2fw.c
> > index 5d03b2b9aab4..3ccd11041646 100644
> > --- a/drivers/staging/wlan-ng/prism2fw.c
> > +++ b/drivers/staging/wlan-ng/prism2fw.c
> > @@ -725,7 +725,7 @@ static int plugimage(struct imgchunk *fchunk, unsigned int nfchunks,
> >
> > if (j == -1) { /* plug the filename */
> > memset(dest, 0, s3plug[i].len);
> > - strncpy(dest, PRISM2_USB_FWFILE, s3plug[i].len - 1);
> > + strscpy(dest, PRISM2_USB_FWFILE, s3plug[i].len);
> > } else { /* plug a PDR */
> > memcpy(dest, &pda->rec[j]->data, s3plug[i].len);
> > }
> > --
> > 2.34.1
> >
> >
>
> Hi,
>
> This is the friendly patch-bot of Greg Kroah-Hartman. You have sent him
> a patch that has triggered this response. He used to manually respond
> to these common problems, but in order to save his sanity (he kept
> writing the same thing over and over, yet to different people), I was
> created. Hopefully you will not take offence and will fix the problem
> in your patch and resubmit it so that it can be accepted into the Linux
> kernel tree.
>
> You are receiving this message because of the following common error(s)
> as indicated below:
>
> - This looks like a new version of a previously submitted patch, but you
> did not list below the --- line any changes from the previous version.
> Please read the section entitled "The canonical patch format" in the
> kernel file, Documentation/process/submitting-patches.rst for what
> needs to be done here to properly describe this.
>
> If you wish to discuss this problem further, or you have questions about
> how to resolve this issue, please feel free to respond to this email and
> Greg will reply once he has dug out from the pending patches received
> from other developers.
>
> thanks,
>
> greg k-h's patch email bot
Hello Greg,
I did amend my first commit
I used the command: git commit --amend -v
The result of this commit action is what I sent over.
--
Kind regards,
Calvince Otieno
Powered by blists - more mailing lists