lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <61958a3cca40fc9a42b951c68c75f138cab9212e.camel@perches.com>
Date: Tue, 29 Jul 2025 03:24:20 -0700
From: Joe Perches <joe@...ches.com>
To: Suchit Karunakaran <suchitkarunakaran@...il.com>, apw@...onical.com, 
	dwaipayanray1@...il.com, lukas.bulwahn@...il.com
Cc: skhan@...uxfoundation.org, linux-kernel-mentees@...ts.linux.dev, 
	linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] checkpatch: suppress strscpy warnings for userspace
 tools

On Sun, 2025-07-27 at 18:20 +0530, Suchit Karunakaran wrote:
> The checkpatch.pl script currently warns against the use of strcpy, 
> strlcpy, and strncpy, recommending strscpy as a safer alternative. 
> However, these warnings are also triggered for code under tools/ and 
> scripts/, which are userspace utilities where strscpy is not available.
> This patch suppresses these warnings for files in tools/ and scripts/.
> 
> Signed-off-by: Suchit Karunakaran <suchitkarunakaran@...il.com>
> 
> Changes since v1:
> - Create is_userspace function to check if the file is in userspace
>   directories

the changelog bit should go below the --- line

> ---

This
>  scripts/checkpatch.pl | 10 +++++++---
>  1 file changed, 7 insertions(+), 3 deletions(-)
> 
> diff --git a/scripts/checkpatch.pl b/scripts/checkpatch.pl
[]
> @@ -7019,20 +7019,24 @@ sub process {
>  #			}
>  #		}
>  
> +        sub is_userspace {
> +            my ($file) = @_;
> +            return ($file =~ m@\btools/@ || $file =~ m@\bscripts/@);

All other sub uses start in without indentation.
Please move this next to other sub blocks.

Please do a git ls-files -- '*tools/' and see if too many other
files are matched, especially the Documentation/ ones.

> +        }
>  # strcpy uses that should likely be strscpy
> -		if ($line =~ /\bstrcpy\s*\(/) {
> +		if ($line =~ /\bstrcpy\s*\(/ && !is_userspace($realfile)) {
>  			WARN("STRCPY",
>  			     "Prefer strscpy over strcpy - see: https://github.com/KSPP/linux/issues/88\n" . $herecurr);
>  		}

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ