> -----Original Message-----
> From: Joe Perches [mailto:j...@perches.com]
> Sent: Monday, July 22, 2019 11:11 PM
> To: Kees Cook <keesc...@chromium.org>; Gote, Nitin R
> <nitin.r.g...@intel.com>
> Cc: cor...@lwn.net; a...@linux-foundation.org; a...@canonical.com;
> linux-doc@vger.kernel.org; kernel-harden...@lists.openwall.com
> Subject: Re: [PATCH v5] Documentation/checkpatch: Prefer
> strscpy/strscpy_pad over strcpy/strlcpy/strncpy
>
> On Mon, 2019-07-22 at 10:30 -0700, Kees Cook wrote:
> > On Wed, Jul 17, 2019 at 10:00:05AM +0530, NitinGote wrote:
> > > From: Nitin Gote <nitin.r.g...@intel.com>
> > >
> > > Added check in checkpatch.pl to
> > > 1. Deprecate strcpy() in favor of strscpy().
> > > 2. Deprecate strlcpy() in favor of strscpy().
> > > 3. Deprecate strncpy() in favor of strscpy() or strscpy_pad().
> > >
> > > Updated strncpy() section in Documentation/process/deprecated.rst
> > > to cover strscpy_pad() case.
> > >
> > > Signed-off-by: Nitin Gote <nitin.r.g...@intel.com>
> >
> > Reviewed-by: Kees Cook <keesc...@chromium.org>
> >
> > Joe, does this address your checkpatch concerns?
>
> Well, kinda.
>
> strscpy_pad isn't used anywhere in the kernel.
>
> And
>
> + "strncpy" => "strscpy, strscpy_pad or for
> non-
> NUL-terminated strings, strncpy() can still be used, but destinations should
> be marked with __nonstring",
>
> is a bit verbose. This could be simply:
>
> + "strncpy" => "strscpy - for non-NUL-terminated uses, strncpy() dst
> should be __nonstring",
>
But, if the destination buffer needs extra NUL-padding for remaining size of
destination,
then safe replacement is strscpy_pad(). Right? If yes, then what is your
opinion on below change :
"strncpy" => "strscpy, strcpy_pad - for non-NUL-terminated uses,
strncpy() dst
should be __nonstring",
> And I still prefer adding stracpy as it
> reduces code verbosity and eliminates defects.
>
-Nitin
