* [PATCH v2] kconfig/nconf: Replace strncpy() with snprintf() @ 2025-06-12 7:48 Shankari Anand 2025-06-12 7:48 ` Shankari Anand 0 siblings, 1 reply; 3+ messages in thread From: Shankari Anand @ 2025-06-12 7:48 UTC (permalink / raw) To: linux-kbuild, masahiroy; +Cc: Shankari Anand I'm following up on my patch titled: [PATCH v2] kconfig/nconf: Replace strncpy() with snprintf() for safe string copy Link: https://lore.kernel.org/linux-kbuild/CAPRMd3kWRHvUE=FuRoGBXYR1POCL05sec4-9u6_Pb667TBFaiA@mail.gmail.com/T/#t I wanted to check whether this change is considered valid and applicable, or if there are any concerns about the direction or scope. Why I have proposed this change - 1. item_add_str() in nconf.c: k_menu_items[index].str is a fixed-size char array. To copy the full string whilemaking sure it’s always null-terminated, snprintf() writes up to N-1 bytes + null terminator. strncpy() could leave the destination unterminated if tmp_str is too long which might be unsafe for new_item(). 2. fill_window() in nconf.gui.c: The intent is to print at most len characters, clipped by the window width. Using snprintf() with precision (%.*s) ensures that we never read/write beyond bounds. With strncpy(), again, we risk lack of null termination unless manually handled (as it was done with tmp[len] = '\0';), which is brittle. 3. dialog_inputbox() in nconf.gui.c: result is a user-editable string buffer, pre-initialized with init. *result_len is the max buffer size. snprintf() will write up to result_len - 1 chars and null-terminate; strncpy() could fail to null-terminate if init is too long. Thank you for your time and guidance. Best regards, Shankari Anand (1): ^ permalink raw reply [flat|nested] 3+ messages in thread
* [PATCH v2] kconfig/nconf: Replace strncpy() with snprintf() 2025-06-12 7:48 [PATCH v2] kconfig/nconf: Replace strncpy() with snprintf() Shankari Anand @ 2025-06-12 7:48 ` Shankari Anand 2025-06-24 11:08 ` Masahiro Yamada 0 siblings, 1 reply; 3+ messages in thread From: Shankari Anand @ 2025-06-12 7:48 UTC (permalink / raw) To: linux-kbuild, masahiroy; +Cc: Shankari Anand Replace strncpy() calls with snprintf() in nconf.c and nconf.gui.c, which are part of the userspace Kconfig frontend. The affected functions are - item_add_str() in nconf.c, fill_window() and dialog_inputbox() in nconf.gui.c As strscpy is not supported in userspace, snprintf can be used. Signed-off-by: Shankari Anand <shankari.ak0208@gmail.com> --- v1 -> v2 : Changed strscpy to snprintf as strscpy is not supported in user-space --- scripts/kconfig/nconf.c | 6 +++--- scripts/kconfig/nconf.gui.c | 5 ++--- 2 files changed, 5 insertions(+), 6 deletions(-) diff --git a/scripts/kconfig/nconf.c b/scripts/kconfig/nconf.c index 67ee33fe16ef..42a78f0baf16 100644 --- a/scripts/kconfig/nconf.c +++ b/scripts/kconfig/nconf.c @@ -589,9 +589,9 @@ static void item_add_str(const char *fmt, ...) va_end(ap); snprintf(tmp_str, sizeof(tmp_str), "%s%s", k_menu_items[index].str, new_str); - strncpy(k_menu_items[index].str, - tmp_str, - sizeof(k_menu_items[index].str)); + snprintf(k_menu_items[index].str, + sizeof(k_menu_items[index].str), + "%s", tmp_str); free_item(curses_menu_items[index]); curses_menu_items[index] = new_item( diff --git a/scripts/kconfig/nconf.gui.c b/scripts/kconfig/nconf.gui.c index a1306fafd07f..d55518268f45 100644 --- a/scripts/kconfig/nconf.gui.c +++ b/scripts/kconfig/nconf.gui.c @@ -176,8 +176,7 @@ void fill_window(WINDOW *win, const char *text) char tmp[x+10]; const char *line = get_line(text, i); int len = get_line_length(line); - strncpy(tmp, line, min(len, x)); - tmp[len] = '\0'; + snprintf(tmp, sizeof(tmp), "%.*s", min(len, x), line); mvwprintw(win, i, 0, "%s", tmp); } } @@ -358,7 +357,7 @@ int dialog_inputbox(WINDOW *main_window, y = (lines-win_lines)/2; x = (columns-win_cols)/2; - strncpy(result, init, *result_len); + snprintf(result, *result_len, "%s", init); /* create the windows */ win = newwin(win_lines, win_cols, y, x); -- 2.34.1 ^ permalink raw reply related [flat|nested] 3+ messages in thread
* Re: [PATCH v2] kconfig/nconf: Replace strncpy() with snprintf() 2025-06-12 7:48 ` Shankari Anand @ 2025-06-24 11:08 ` Masahiro Yamada 0 siblings, 0 replies; 3+ messages in thread From: Masahiro Yamada @ 2025-06-24 11:08 UTC (permalink / raw) To: Shankari Anand; +Cc: linux-kbuild On Thu, Jun 12, 2025 at 4:48 PM Shankari Anand <shankari.ak0208@gmail.com> wrote: > > Replace strncpy() calls with snprintf() in nconf.c and nconf.gui.c, > which are part of the userspace Kconfig frontend. > The affected functions are - item_add_str() in nconf.c, > fill_window() and dialog_inputbox() in nconf.gui.c This is completely unnecessary information. > As strscpy is not supported in userspace, snprintf can be used. This one is not necessary either. What you really need to explain in the commit description is: strncpy() does not null-terminate the destination buffer if it is not large enough to hold the entire source string. Make sure to explicitly terminate the buffer. And, I do not think you need to use snprintf() - just terminate the buffer. > Signed-off-by: Shankari Anand <shankari.ak0208@gmail.com> > --- > v1 -> v2 : Changed strscpy to snprintf as strscpy is not supported in user-space > --- > scripts/kconfig/nconf.c | 6 +++--- > scripts/kconfig/nconf.gui.c | 5 ++--- > 2 files changed, 5 insertions(+), 6 deletions(-) > > diff --git a/scripts/kconfig/nconf.c b/scripts/kconfig/nconf.c > index 67ee33fe16ef..42a78f0baf16 100644 > --- a/scripts/kconfig/nconf.c > +++ b/scripts/kconfig/nconf.c > @@ -589,9 +589,9 @@ static void item_add_str(const char *fmt, ...) > va_end(ap); > snprintf(tmp_str, sizeof(tmp_str), "%s%s", > k_menu_items[index].str, new_str); > - strncpy(k_menu_items[index].str, > - tmp_str, > - sizeof(k_menu_items[index].str)); > + snprintf(k_menu_items[index].str, > + sizeof(k_menu_items[index].str), > + "%s", tmp_str); > > free_item(curses_menu_items[index]); > curses_menu_items[index] = new_item( > diff --git a/scripts/kconfig/nconf.gui.c b/scripts/kconfig/nconf.gui.c > index a1306fafd07f..d55518268f45 100644 > --- a/scripts/kconfig/nconf.gui.c > +++ b/scripts/kconfig/nconf.gui.c > @@ -176,8 +176,7 @@ void fill_window(WINDOW *win, const char *text) > char tmp[x+10]; > const char *line = get_line(text, i); > int len = get_line_length(line); > - strncpy(tmp, line, min(len, x)); > - tmp[len] = '\0'; This one can be fixed to tmp[sizeof(tmp) - 1] = '\0' > + snprintf(tmp, sizeof(tmp), "%.*s", min(len, x), line); > mvwprintw(win, i, 0, "%s", tmp); > } > } > @@ -358,7 +357,7 @@ int dialog_inputbox(WINDOW *main_window, > y = (lines-win_lines)/2; > x = (columns-win_cols)/2; > > - strncpy(result, init, *result_len); > + snprintf(result, *result_len, "%s", init); > > /* create the windows */ > win = newwin(win_lines, win_cols, y, x); > -- > 2.34.1 > -- Best Regards Masahiro Yamada ^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2025-06-24 11:09 UTC | newest] Thread overview: 3+ messages (download: mbox.gz follow: Atom feed -- links below jump to the message on this page -- 2025-06-12 7:48 [PATCH v2] kconfig/nconf: Replace strncpy() with snprintf() Shankari Anand 2025-06-12 7:48 ` Shankari Anand 2025-06-24 11:08 ` Masahiro Yamada
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox; as well as URLs for NNTP newsgroup(s).