Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy()

[PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Len Baker <hidden> · 2021-08-01
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · "Russell King (Oracle)" <linux@armlinux.org.uk> · 2021-08-01
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Len Baker <hidden> · 2021-08-01
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Kees Cook <hidden> · 2021-08-01
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Dmitry Torokhov <dmitry.torokhov@gmail.com> · 2021-08-01
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Kees Cook <hidden> · 2021-08-02
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Kees Cook <hidden> · 2021-08-03
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Hans Verkuil <hidden> · 2021-08-03
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Len Baker <hidden> · 2021-08-07
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Joe Perches <joe@perches.com> · 2021-08-07
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Len Baker <hidden> · 2021-08-08
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Joe Perches <joe@perches.com> · 2021-08-01
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Joe Perches <joe@perches.com> · 2021-08-01
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Kees Cook <hidden> · 2021-08-02
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Joe Perches <joe@perches.com> · 2021-08-02
Re: [PATCH] drivers/input: Remove all strcpy() uses in favor of strscpy() · Len Baker <hidden> · 2021-08-07

From: Len Baker <hidden>
Date: 2021-08-07 14:10:26
Also in: linux-hardening, lkml

Hi Joe,

On Mon, Aug 02, 2021 at 11:57:40AM -0700, Joe Perches wrote:

On Mon, 2021-08-02 at 09:13 -0700, Kees Cook wrote:

quoted

I'm wondering, instead, if we could convert strcpy() into this instead
of adding another API? I.e. convert all the places that warn (if this
were strcpy), and then land the conversion.

Perhaps not as strcpy is a builtin.

It might be easier as a cocci script.  Something like:

@@
char [] dest;
constant char [] src;
@@

*	strcpy(dest, src)

There are some additional test that needs to be added so that
only length(src) > length(dest) is reported.

Thanks for the ideas. I will think on this.

Regards,
Len

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help