lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20240829123647.32aaeb17@kernel.org>
Date: Thu, 29 Aug 2024 12:36:47 -0700
From: Jakub Kicinski <kuba@...nel.org>
To: Hongbo Li <lihongbo22@...wei.com>
Cc: <davem@...emloft.net>, <edumazet@...gle.com>, <pabeni@...hat.com>,
 <dsahern@...nel.org>, <ralf@...ux-mips.org>, <jmaloy@...hat.com>,
 <ying.xue@...driver.com>, <dan.carpenter@...aro.org>,
 <netdev@...r.kernel.org>, <linux-hams@...r.kernel.org>,
 <netfilter-devel@...r.kernel.org>
Subject: Re: [PATCH net-next v2 0/6] replace deprecated strcpy with strscpy

On Wed, 28 Aug 2024 20:32:18 +0800 Hongbo Li wrote:
> The deprecated helper strcpy() performs no bounds checking on the
> destination buffer. This could result in linear overflows beyond
> the end of the buffer, leading to all kinds of misbehaviors.
> The safe replacement is strscpy() [1].

What's you plan? Are you going to send 200 patches like this
just for networking?

$ git grep strcpy -- net/ drivers/net/ | wc -l
199

Please don't. I'll look thru this series but it feels like such
a waste of time.

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ