[Public] > -----Original Message----- > From: Kees Cook <[email protected]> > Sent: Monday, May 22, 2023 4:15 PM > To: Azeem Shaikh <[email protected]> > Cc: Deucher, Alexander <[email protected]>; Koenig, Christian > <[email protected]>; Pan, Xinhui <[email protected]>; linux- > [email protected]; [email protected]; linux- > [email protected]; David Airlie <[email protected]>; Daniel Vetter > <[email protected]>; [email protected] > Subject: Re: [PATCH] drm/radeon: Replace all non-returning strlcpy with > strscpy > > On Mon, May 22, 2023 at 03:50:32PM +0000, Azeem Shaikh wrote: > > strlcpy() reads the entire source buffer first. > > This read may exceed the destination size limit. > > This is both inefficient and can lead to linear read overflows if a > > source string is not NUL-terminated [1]. > > In an effort to remove strlcpy() completely [2], replace > > strlcpy() here with strscpy(). > > No return values were used, so direct replacement is safe. > > > > [1] > > > https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy > > [2] https://github.com/KSPP/linux/issues/89 > > > > Signed-off-by: Azeem Shaikh <[email protected]> > > Reviewed-by: Kees Cook <[email protected]> >
Acked-by: Alex Deucher <[email protected]> Ack to take this through whatever tree makes sense if you are trying to batch all of these up. Otherwise, I can pick them up. Alex
