On Mon, Feb 18, 2019 at 3:24 PM Tobin C. Harding <to...@kernel.org> wrote: > During your talk at LCA you mentioned that we could do with a couple > more safe string functions. One to zero the tail of the destination > buffer after call to strscpy() and also the self explanatory > strscpy_from_user().
Thanks for jumping in with this! :) > I couldn't work out if this is a false positive or not? Does the new > config option CONFIG_TEST_STRING need more documentation? I don't see > where extra docs should be added and it seems self explanatory as is. Usually this just means the help string in Kconfig is "too short". Sometimes this is a false positive -- really up to you if you think it needs more. :) On to individual patches... -- Kees Cook
