| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <87qzw2ubc4.fsf@>
Date: Fri, 19 Sep 2025 09:54:03 +0200
From: Miquel Sabaté Solà <mssola@...ola.com>
To: Miklos Szeredi <miklos@...redi.hu>
Cc: linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] fs: fuse: Use strscpy instead of strcpy
Hello,
Miklos Szeredi @ 2025-09-19 08:43 +02:
> On Wed, 17 Sept 2025 at 22:55, Miquel Sabaté Solà <mssola@...ola.com> wrote:
>>
>> As pointed out in [1], strcpy() is deprecated in favor of
>> strscpy().
>>
>> Furthermore, the length of the name to be copied is well known at this
>> point since we are going to move the pointer by that much on the next
>> line. Hence, it's safe to assume 'namelen' for the length of the string
>> to be copied.
>
> By "length of a string" usually the number of non-null chars is meant
> (i.e. strlen(str)).
>
> So the variable 'namelen' is confusingly named, a better one would be namesize.
That's a good point. If you want I can add a commit renaming this
variable for v2.
>
>>
>> [1] KSPP#88
>
> I don't understand this notation.
This is because it refers to an issue on Github that is tracking the
effort to move away from strcpy in favor of strscpy. I've seen many
commits tracked there that followed this notation and thus I thought
that was the right thing. Anyways, if you want I can transform this
into a Link tag:
Link: https://github.com/KSPP/linux/issues/88
Or otherwise reference it in any other way you feel is more appropiate.
>
> Patch itself looks good.
>
> Thanks,
> Miklos
Thanks,
Miquel
Download attachment "signature.asc" of type "application/pgp-signature" (898 bytes)
Powered by blists - more mailing lists