[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <93578759.11447.1757322260340.JavaMail.zimbra@nod.at>
Date: Mon, 8 Sep 2025 11:04:20 +0200 (CEST)
From: Richard Weinberger <richard@....at>
To: Miquel Raynal <miquel.raynal@...tlin.com>
Cc: Rahul Kumar <rk0006818@...il.com>, Vignesh Raghavendra <vigneshr@...com>,
linux-mtd <linux-mtd@...ts.infradead.org>,
linux-kernel <linux-kernel@...r.kernel.org>,
linux-kernel-mentees@...ts.linux.dev,
Shuah Khan <skhan@...uxfoundation.org>,
pratyush <pratyush@...nel.org>
Subject: Re: [PATCH v2] mtd: sm_ftl: replace strncpy with memcpy
----- Ursprüngliche Mail -----
> Von: "Miquel Raynal" <miquel.raynal@...tlin.com>
> An: "Rahul Kumar" <rk0006818@...il.com>
>> - strncpy(buf, sm_attr->data, sm_attr->len);
>> - return sm_attr->len;
>> + memcpy(buf, sm_attr->data, sm_attr->len);
>> + buf[sm_attr->len] = '\0';
>> + return sm_attr->len + 1;
>
> Are we sure the buffer is always sm_attr->len + 1 long?
Can we please just stop messing with perfectly fine code?
I'm sick of the war on string functions.
First we had to replace everything with strncpy(), then strlcpy(),
then strscpy(), ...
Don't get me wrong, I'm all for hardening code paths where
strings are arbitrary input, but in many of these cases all strings
are no input or already sanitized.
Thanks,
//richard
Powered by blists - more mailing lists