lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <218DE733-6165-45D8-9338-8DB6A96AB66A@zytor.com>
Date: Wed, 14 May 2025 21:54:23 -0700
From: "H. Peter Anvin" <hpa@...or.com>
To: Ruben Wauters <rubenru09@....com>, Thomas Gleixner <tglx@...utronix.de>,
        Ingo Molnar <mingo@...hat.com>, Borislav Petkov <bp@...en8.de>,
        Dave Hansen <dave.hansen@...ux.intel.com>, x86@...nel.org
CC: linux-kernel@...r.kernel.org
Subject: Re: [PATCH] x86/cpu/intel: replace deprecated strcpy with strscpy

On May 14, 2025 12:16:20 PM PDT, Ruben Wauters <rubenru09@....com> wrote:
>On Wed, 2025-05-07 at 21:30 +0100, Ruben Wauters wrote:
>> On Wed, 2025-05-07 at 13:14 -0700, H. Peter Anvin wrote:
>> > On May 7, 2025 11:51:36 AM PDT, Ruben Wauters <rubenru09@....com>
>> > wrote:
>> > > strcpy is deprecated due to lack of bounds checking.
>> > > This patch replaces strcpy with strscpy, the recommended
>> > > alternative for
>> > > null terminated strings, to follow best practices.
>> > > 
>> > > Signed-off-by: Ruben Wauters <rubenru09@....com>
>> > > ---
>> > > arch/x86/kernel/cpu/intel.c | 2 +-
>> > > 1 file changed, 1 insertion(+), 1 deletion(-)
>> > > 
>> > > diff --git a/arch/x86/kernel/cpu/intel.c
>> > > b/arch/x86/kernel/cpu/intel.c
>> > > index 584dd55bf739..b49bba30434d 100644
>> > > --- a/arch/x86/kernel/cpu/intel.c
>> > > +++ b/arch/x86/kernel/cpu/intel.c
>> > > @@ -607,7 +607,7 @@ static void init_intel(struct cpuinfo_x86 *c)
>> > > 		}
>> > > 
>> > > 		if (p)
>> > > -			strcpy(c->x86_model_id, p);
>> > > +			strscpy(c->x86_model_id, p);
>> > > 	}
>> > > #endif
>> > > 
>> > 
>> > strscpy() needs a buffer length; this patch wouldn't even compile!
>> 
>> Hi, this is incorrect, strscpy is defined in string.h as
>> #define strscpy(dst, src, ...)	\
>> 	CONCATENATE(__strscpy, COUNT_ARGS(__VA_ARGS__))(dst, src,
>> __VA_ARGS__)
>> 
>> the third parameter is optional, and it works perfectly fine with two
>> parameters. I have compiled it, and there are no errors.
>> 
>> > Not to mention that the string in question is generated in such a
>> > way
>> > that cannot be unterminated.
>> 
>> I'm not entirely sure what you mean here? The assignments above are
>> null terminated strings, which the two parameter version works fine
>> with.
>
>Hello
>
>Just wanted to check that everything was ok with this patch, and that
>any concerns were addressed or explained. Please do let me know if
>there is anything I need to do or change to get this patch applied.
>
>Ruben Wauters
>

Yes, I stand corrected. 

I still think it is superfluous (or arguably a memcpy would be better, since this is a fixed length) but it doesn't hurt enything.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ