lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <f020e62b-5186-4461-8fe9-de64d35de488@gmail.com>
Date: Fri, 25 Jul 2025 11:53:40 +0200
From: Franco Martelli <martellif67@...il.com>
To: Suchit Karunakaran <suchitkarunakaran@...il.com>, masahiroy@...nel.org,
 linux-kbuild@...r.kernel.org
Cc: linux-kernel@...r.kernel.org, skhan@...uxfoundation.org,
 Franco Martelli <martellif67@...il.com>
Subject: Re: [PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in
 inputbox.c

On 25/07/25 at 07:59, Suchit Karunakaran wrote:
> strcpy() performs no bounds checking and can lead to buffer overflows if
> the input string exceeds the destination buffer size. Replace it with
> strscpy(), which ensures the input is always NULL-terminated and
> prevents overflows.
> 
> Signed-off-by: Suchit Karunakaran <suchitkarunakaran@...il.com>
> ---
>   scripts/kconfig/lxdialog/inputbox.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
> index 3c6e24b20f5b..8880ccaffa0b 100644
> --- a/scripts/kconfig/lxdialog/inputbox.c
> +++ b/scripts/kconfig/lxdialog/inputbox.c
> @@ -40,7 +40,7 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
>   	if (!init)
>   		instr[0] = '\0';
>   	else
> -		strcpy(instr, init);
> +		strscpy(instr, init, MAX_LEN + 1);
>   
>   do_resize:
>   	if (getmaxy(stdscr) <= (height - INPUTBOX_HEIGHT_MIN))

perhaps it's better to sanitize the whole code in
script/kconfig not only in lxdialog/inputbox.c

$ grep -Rn strcpy scripts/kconfig/*
scripts/kconfig/confdata.c:143: strcpy(depfile_path + 
depfile_prefix_len, name);
scripts/kconfig/lxdialog/util.c:348:    strcpy(tempstr, prompt);
scripts/kconfig/lxdialog/inputbox.c:43:         strcpy(instr, init);
scripts/kconfig/symbol.c:764:   strcpy(val, newval);
scripts/kconfig/util.c:55:      strcpy(gs.s, "\0");

because the script "checkpatch.pl" emits a warning
whether strcpy() function is used:

WARNING: Prefer strscpy over strcpy - see: 
https://github.com/KSPP/linux/issues/88

Kind regards,
-- 
Franco Martelli

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ