From: David Laight <david.laight.linux@gmail.com>
To: Ai Chao <aichao@kylinos.cn>
Cc: deller@gmx.de, nicolas.ferre@microchip.com,
alexandre.belloni@bootlin.com, claudiu.beznea@tuxon.dev,
linux@armlinux.org.uk, dilinger@queued.net, adaplas@gmail.com,
James.Bottomley@HansenPartnership.com, FlorianSchandinat@gmx.de,
alchark@gmail.com, krzk@kernel.org, kees@kernel.org,
rene@exactco.de, tzimmermann@suse.de, rongqianfeng@vivo.com,
thorsten.blum@linux.dev, chelsyratnawat2001@gmail.com,
soci@c64.rulez.org, gregkh@linuxfoundation.org, daniel@thingy.jp,
linmq006@gmail.com, fourier.thomas@gmail.com,
linux-fbdev@vger.kernel.org, dri-devel@lists.freedesktop.org,
linux-kernel@vger.kernel.org,
linux-arm-kernel@lists.infradead.org,
linux-geode@lists.infradead.org, linux-parisc@vger.kernel.org
Subject: Re: [PATCH 03/35] fbdev: sisfb: Use safer strscpy() instead of strcpy()
Date: Mon, 27 Apr 2026 14:05:55 +0100 [thread overview]
Message-ID: <20260427140555.4d001050@pumpkin> (raw)
In-Reply-To: <20260427090910.1940231-1-aichao@kylinos.cn>
On Mon, 27 Apr 2026 17:09:10 +0800
Ai Chao <aichao@kylinos.cn> wrote:
> Hello David and Helge
> ...
> > > > - strcpy(ivideo->myid, "SiS 730");
> > > > + strscpy(ivideo->myid, "SiS 730");
> > >
> > > The compiler knows at build time the length of myid, and the "SIS 730" string.
> > > Using strscpy() has no benefit here either. Contrary, the code generated
> > > because of using strscpy() is probably even larger.
> > > Don't replace such code with strscpy().
>
> > Both should get converted to a memcpy().
>
> > If you increase the literal to be too long I'm pretty sure you'll
> > get a compiler warning/error from strcpy().
> > OTOH strscpy() is more likely to truncate the string (I'd need to
> > check).
>
> > So leaving it as strcpy() is fine - and possibly even better.
> > The header files might get changed to error strcpy() unless the compiler
> > knows the source string has a constant length and the destination is
> > big enough - but that hasn't been done yet.
>
> struct sis_video_info {
> char myid[40];
> }
> I have rewritten the code:
> strcpy(ivideo->myid, "SiS 730-0123456789abcdefghijklmnopqrstuvwxyz0123456789");
> Used gcc version 11.4.0 (Ubuntu 11.4.0-1ubuntu1~22.04.3)
> There was no compiler warning or error.
> The strcpy copies the entire string into myid(causing a buffer overflow),
> whereas strscpy only copies 40 characters into myid according to its size.
It depends on what is in string.h and the enabled warnings.
Testing on 'godbolt' gives an error with both gcc and clang without any
special compilation options.
The linux kernel build errors strcpy() at line 799 of fortify-string.h.
strscpy() doesn't (and really shouldn't) generate an error since it is
expected to truncate overlong strings.
Since you should (at least) test compile any patches before sending them
(even trivial ones) you ought to have things setup to have checked what
happens in a kernel build.
Ideally you should also run the code.
This really means that strcpy() is better than strscpy() for copying fixed
length strings into arrays.
David
>
> Thanks,
> Ai Chao
>
next prev parent reply other threads:[~2026-04-27 13:06 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20260427090910.1940231-1-aichao@kylinos.cn>
2026-04-27 9:17 ` [PATCH 03/35] fbdev: sisfb: Use safer strscpy() instead of strcpy() Helge Deller
2026-04-27 13:05 ` David Laight [this message]
2026-04-25 6:58 [PATCH 00/35] " Ai Chao
2026-04-25 6:58 ` [PATCH 03/35] fbdev: sisfb: " Ai Chao
2026-04-25 8:08 ` Helge Deller
2026-04-25 11:02 ` David Laight
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20260427140555.4d001050@pumpkin \
--to=david.laight.linux@gmail.com \
--cc=FlorianSchandinat@gmx.de \
--cc=James.Bottomley@HansenPartnership.com \
--cc=adaplas@gmail.com \
--cc=aichao@kylinos.cn \
--cc=alchark@gmail.com \
--cc=alexandre.belloni@bootlin.com \
--cc=chelsyratnawat2001@gmail.com \
--cc=claudiu.beznea@tuxon.dev \
--cc=daniel@thingy.jp \
--cc=deller@gmx.de \
--cc=dilinger@queued.net \
--cc=dri-devel@lists.freedesktop.org \
--cc=fourier.thomas@gmail.com \
--cc=gregkh@linuxfoundation.org \
--cc=kees@kernel.org \
--cc=krzk@kernel.org \
--cc=linmq006@gmail.com \
--cc=linux-arm-kernel@lists.infradead.org \
--cc=linux-fbdev@vger.kernel.org \
--cc=linux-geode@lists.infradead.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-parisc@vger.kernel.org \
--cc=linux@armlinux.org.uk \
--cc=nicolas.ferre@microchip.com \
--cc=rene@exactco.de \
--cc=rongqianfeng@vivo.com \
--cc=soci@c64.rulez.org \
--cc=thorsten.blum@linux.dev \
--cc=tzimmermann@suse.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox