Re: [RFC] checkpatch: don't complain about SPDX tag format

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Bruce Richardson <bruce.richardson@intel.com>
To: "Kuusisaari, Juhamatti" <Juhamatti.Kuusisaari@coriant.com>
Cc: Thomas Monjalon <thomas@monjalon.net>,
	Scott Branden <scott.branden@broadcom.com>,
	Stephen Hemminger <stephen@networkplumber.org>,
	"dev@dpdk.org" <dev@dpdk.org>
Subject: Re: [RFC] checkpatch: don't complain about SPDX tag	format
Date: Wed, 18 Apr 2018 14:28:43 +0100	[thread overview]
Message-ID: <20180418132843.GA124804@bricha3-MOBL.ger.corp.intel.com> (raw)
In-Reply-To: <AM0PR04MB429115D47C2A69F0C499BAFD9DB60@AM0PR04MB4291.eurprd04.prod.outlook.com>

On Wed, Apr 18, 2018 at 10:49:07AM +0000, Kuusisaari, Juhamatti wrote:
> 
> Hello,
> 
> > On Wed, Apr 18, 2018 at 12:19:07AM +0200, Thomas Monjalon wrote:
> > > 18/04/2018 00:11, Scott Branden:
> > > > On 18-04-17 03:06 PM, Thomas Monjalon wrote:
> > > > > 17/04/2018 23:49, Stephen Hemminger:
> > > > >> IMHO would have been better to use the kernel SPDX style and keep
> > > > >> the check but that appears to be a minority opinion.
> > > > >
> > > > > I think it is better to work on checkpatch itself.
> > > > > When defining our SPDX style, Linux one was not definitive.
> > > > > Do you think we can ask the Linux community to support our SPDX style?
> > > > >
> > > > I think it better to simply follow the Linux community defacto style
> > > > rather than go your own way.
> > >
> > > But our way is better! :)
> > > And it has been decided in the Technical Board.
> > >
> > 
> > As a general issue, I think we could do with having our own checkpatch-like
> > script for performing addition DPDK-specific code-checks *after* Linux
> > checkpatch ones. That is, reuse Linux check patch checks as much as possible,
> > but have other checks too.
> > 
> > For example, check for use of strcpy or strncpy (or snprintf with "%s") and
> > suggest replacing with strlcpy. If we did have our own extension script, we
> > could put our own SPDX format check there too.
> > 
> > Thoughts, or any volunteers to look into this?
> 
> In addition, the checkpatches.sh could be improved so that it actually checks that a proper file is found behind the selected env variable. I am planning to add this check (as it bite me just yesterday).
> 
> Speaking of strlcpy, I do think that it has a caveat* that everybody should be aware of: depending on implementation, it may read unintended memory regions when the source is not properly null terminated (like in Unix domain sockets, or just by other mistake). It may be a bad idea just blindly replace everything with strlcpy, without making sure that copied buffers are really null-terminated in the first place or making sure the strlcpy version is really a one that does not have this problem. As it depends on dynamic libraries, making sure may be difficult.
>  
> Some may argue that this is unlikely and thus irrelevant. Why do I know about it then? :) Needless to say, strncpy or snprintf do not have _this_ problem, although they have their own issues. Internally without dynamic libs DPDK rte_strlcpy uses snprintf which should be safe, though.
> 
> > /Bruce
> 
> --
>  Juhamatti
> 
>  * A caveat on some implementations: 
>  ...
>         /* Not enough room in dst, add NUL and traverse rest of src */
>         if (n == 0) {
>                 if (siz != 0)
>                         *d = '\0';              /* NUL-terminate dst */
>                 while (*s++) <- what happens when s is not null-terminated?
>                         ;
>         }
> ...
>   Another one:
> ...
>     return n + strlen (src); <- what happens when src is not null-terminated?
> ...

Thanks for pointing that out. It's good to be aware of these caveats. I
suspect in most cases the replacement is safe, but we should not blindly
replace one thing with another without checking for possible unintended
side effects.

/Bruce

next prev parent reply	other threads:[~2018-04-18 13:28 UTC|newest]

Thread overview: 11+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-04-17 21:49 [RFC] checkpatch: don't complain about SPDX tag format Stephen Hemminger
2018-04-17 22:06 ` Thomas Monjalon
2018-04-17 22:11   ` Scott Branden
2018-04-17 22:19     ` Thomas Monjalon
2018-04-18  8:56       ` Bruce Richardson
2018-04-18 10:49         ` Kuusisaari, Juhamatti
2018-04-18 13:28           ` Bruce Richardson [this message]
2018-04-18 13:50         ` Thomas Monjalon
2018-04-18 15:25           ` Wiles, Keith
2018-04-19 12:42           ` Hemant Agrawal
2018-06-08 19:41 ` Thomas Monjalon

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20180418132843.GA124804@bricha3-MOBL.ger.corp.intel.com \
    --to=bruce.richardson@intel.com \
    --cc=Juhamatti.Kuusisaari@coriant.com \
    --cc=dev@dpdk.org \
    --cc=scott.branden@broadcom.com \
    --cc=stephen@networkplumber.org \
    --cc=thomas@monjalon.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.