kernel/trace/trace_boot.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-)
The strlcpy should not be used because it doesn't limit the source
length. Preferred is strscpy.
Signed-off-by: XueBing Chen <chenxuebing@jari.cn>
---
kernel/trace/trace_boot.c | 8 ++++----
1 file changed, 4 insertions(+), 4 deletions(-)
diff --git a/kernel/trace/trace_boot.c b/kernel/trace/trace_boot.c
index 778200dd8ede..2bf76550bb4e 100644
--- a/kernel/trace/trace_boot.c
+++ b/kernel/trace/trace_boot.c
@@ -31,7 +31,7 @@ trace_boot_set_instance_options(struct trace_array *tr, struct xbc_node *node)
/* Common ftrace options */
xbc_node_for_each_array_value(node, "options", anode, p) {
- if (strlcpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf)) {
+ if (strscpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf)) {
pr_err("String is too long: %s\n", p);
continue;
}
@@ -87,7 +87,7 @@ trace_boot_enable_events(struct trace_array *tr, struct xbc_node *node)
const char *p;
xbc_node_for_each_array_value(node, "events", anode, p) {
- if (strlcpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf)) {
+ if (strscpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf)) {
pr_err("String is too long: %s\n", p);
continue;
}
@@ -486,7 +486,7 @@ trace_boot_init_one_event(struct trace_array *tr, struct xbc_node *gnode,
p = xbc_node_find_value(enode, "filter", NULL);
if (p && *p != '\0') {
- if (strlcpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf))
+ if (strscpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf))
pr_err("filter string is too long: %s\n", p);
else if (apply_event_filter(file, buf) < 0)
pr_err("Failed to apply filter: %s\n", buf);
@@ -494,7 +494,7 @@ trace_boot_init_one_event(struct trace_array *tr, struct xbc_node *gnode,
if (IS_ENABLED(CONFIG_HIST_TRIGGERS)) {
xbc_node_for_each_array_value(enode, "actions", anode, p) {
- if (strlcpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf))
+ if (strscpy(buf, p, ARRAY_SIZE(buf)) >= ARRAY_SIZE(buf))
pr_err("action string is too long: %s\n", p);
else if (trigger_process_regex(file, buf) < 0)
pr_err("Failed to apply an action: %s\n", p);
--
2.25.1
On Mon, 11 Jul 2022 22:26:12 +0800 (GMT+08:00) "XueBing Chen" <chenxuebing@jari.cn> wrote: > The strlcpy should not be used because it doesn't limit the source > length. Preferred is strscpy. That's not enough justification to make the switch. These calls are done at boot up. If there's a bug in the source, I rather have it crash. -- Steve > > Signed-off-by: XueBing Chen <chenxuebing@jari.cn>
On Mon, 11 Jul 2022 10:41:25 -0400 Steven Rostedt <rostedt@goodmis.org> wrote: > On Mon, 11 Jul 2022 22:26:12 +0800 (GMT+08:00) > "XueBing Chen" <chenxuebing@jari.cn> wrote: > > > The strlcpy should not be used because it doesn't limit the source > > length. Preferred is strscpy. > > That's not enough justification to make the switch. > > These calls are done at boot up. If there's a bug in the source, I rather > have it crash. And unless there is good justification and understanding of how the code works, blindly switching strlcpy() with strscpy() can have undesirable consequences: https://lore.kernel.org/all/20220701094403.3044-1-adrian.hunter@intel.com/T/#u Please stop changing all strlcpy() to strscpy() unless there's good justification to do so. Just saying "strscpy() is preferred", is not justification to make the change. -- Steve
© 2016 - 2026 Red Hat, Inc.