mbox series

[v3,0/3] Remove all strcpy() uses

Message ID 20210801085155.3170-1-len.baker@gmx.com
Headers show
Series Remove all strcpy() uses | expand

Message

Len Baker Aug. 1, 2021, 8:51 a.m. UTC
strcpy() performs no bounds checking on the destination buffer. This
could result in linear overflows beyond the end of the buffer, leading
to all kinds of misbehaviors. So, this serie removes all strcpy uses
from the "staging/fbtft" subsystem.

Also, refactor the code a bit to follow the kernel coding-style and
avoid unnecessary variable initialization.

Changelog v1 -> v2
- Add two new commits to clean the code.
- Use the "%*ph" format specifier instead of strscpy() function (Geert
  Uytterhoeven)

Changelog v2 -> v3
- Change the initialization of the "j" variable in the "for" loop and
  update the code accordingly (Andy Shevchenko).
- Improve the commit message to inform that the "%*ph" replacement
  won't cut output earlier than requested (Andy Shevchenko).
- Don't remove the braces in the "if" statement due to the presence of
  the comment (Geert Uytterhoeven).

Len Baker (3):
  staging/fbtft: Remove all strcpy() uses
  staging/fbtft: Remove unnecessary variable initialization
  staging/fbtft: Fix braces coding style

 drivers/staging/fbtft/fbtft-core.c | 23 ++++++++++-------------
 1 file changed, 10 insertions(+), 13 deletions(-)

--
2.25.1

Comments

Greg Kroah-Hartman Aug. 5, 2021, 11:18 a.m. UTC | #1
On Sun, Aug 01, 2021 at 02:40:40PM +0300, Andy Shevchenko wrote:
> On Sun, Aug 1, 2021 at 11:53 AM Len Baker <len.baker@gmx.com> wrote:

> >

> > strcpy() performs no bounds checking on the destination buffer. This

> > could result in linear overflows beyond the end of the buffer, leading

> > to all kinds of misbehaviors. So, this serie removes all strcpy uses

> > from the "staging/fbtft" subsystem.

> >

> > Also, refactor the code a bit to follow the kernel coding-style and

> > avoid unnecessary variable initialization.

> 

> I don't see patch 3 (even on lore.kernel.org).

> 

> Greg, Geert, does it make sense to move this driver outside of staging?


If you clean up everything that needs to be done, yes, please do.

thanks,

greg k-h
Andy Shevchenko Aug. 5, 2021, 11:30 a.m. UTC | #2
On Thu, Aug 5, 2021 at 2:18 PM Greg Kroah-Hartman
<gregkh@linuxfoundation.org> wrote:
> On Sun, Aug 01, 2021 at 02:40:40PM +0300, Andy Shevchenko wrote:

> > On Sun, Aug 1, 2021 at 11:53 AM Len Baker <len.baker@gmx.com> wrote:

> > >

> > > strcpy() performs no bounds checking on the destination buffer. This

> > > could result in linear overflows beyond the end of the buffer, leading

> > > to all kinds of misbehaviors. So, this serie removes all strcpy uses

> > > from the "staging/fbtft" subsystem.

> > >

> > > Also, refactor the code a bit to follow the kernel coding-style and

> > > avoid unnecessary variable initialization.

> >

> > I don't see patch 3 (even on lore.kernel.org).

> >

> > Greg, Geert, does it make sense to move this driver outside of staging?

>

> If you clean up everything that needs to be done, yes, please do.


Do we have a clear TODO for that?

The current one has the item which is not feasible to achieve in
reasonable time. Some of those drivers won't be converted to tiny DRM.
So the idea is to keep this out of staging in the maintenance phase
(as it currently states, i.e. no new drivers accepted).  For the rest
I'm not sure what else can be done (checkpatch? coccinelle?).
Actually the first sentence in this paragraph is a motivation for
moving out of staging.

-- 
With Best Regards,
Andy Shevchenko
Andy Shevchenko Aug. 5, 2021, 11:52 a.m. UTC | #3
+Cc: David, Daniel, Noralf.

The idea is to move fbtft under drivers/fbdev on the same terms, i.e.
no acceptance of the new drivers there.
The rationale is that for some of the panels it (fbtft) will be the
only driver and nobody will convert it to tiny DRM.
See more below.

On Thu, Aug 5, 2021 at 2:38 PM Greg Kroah-Hartman
<gregkh@linuxfoundation.org> wrote:
> On Thu, Aug 05, 2021 at 02:30:35PM +0300, Andy Shevchenko wrote:

> > On Thu, Aug 5, 2021 at 2:18 PM Greg Kroah-Hartman

> > <gregkh@linuxfoundation.org> wrote:

> > > On Sun, Aug 01, 2021 at 02:40:40PM +0300, Andy Shevchenko wrote:

> > > > On Sun, Aug 1, 2021 at 11:53 AM Len Baker <len.baker@gmx.com> wrote:

> > > > >

> > > > > strcpy() performs no bounds checking on the destination buffer. This

> > > > > could result in linear overflows beyond the end of the buffer, leading

> > > > > to all kinds of misbehaviors. So, this serie removes all strcpy uses

> > > > > from the "staging/fbtft" subsystem.

> > > > >

> > > > > Also, refactor the code a bit to follow the kernel coding-style and

> > > > > avoid unnecessary variable initialization.

> > > >

> > > > I don't see patch 3 (even on lore.kernel.org).

> > > >

> > > > Greg, Geert, does it make sense to move this driver outside of staging?

> > >

> > > If you clean up everything that needs to be done, yes, please do.

> >

> > Do we have a clear TODO for that?

> >

> > The current one has the item which is not feasible to achieve in

> > reasonable time. Some of those drivers won't be converted to tiny DRM.

> > So the idea is to keep this out of staging in the maintenance phase

> > (as it currently states, i.e. no new drivers accepted).  For the rest

> > I'm not sure what else can be done (checkpatch? coccinelle?).

> > Actually the first sentence in this paragraph is a motivation for

> > moving out of staging.

>

> Take it up with the DRM developers/maintainers.  If they approve for

> this to move out of staging without being converted over to use tiny

> DRM, then I am fine to move it out.


Got it.  Cc'ed this to corresponding people.

-- 
With Best Regards,
Andy Shevchenko