* [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c
@ 2025-07-27 16:44 Suchit Karunakaran
2025-07-27 19:19 ` Nicolas Schier
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: Suchit Karunakaran @ 2025-07-27 16:44 UTC (permalink / raw)
To: masahiroy, nicolas.schier, linux-kbuild
Cc: skhan, linux-kernel-mentees, linux-kernel, Suchit Karunakaran
strcpy() performs no bounds checking and can lead to buffer overflows if
the input string exceeds the destination buffer size. This patch replaces
it with strncpy(), and null terminates the input string.
Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
---
scripts/kconfig/lxdialog/inputbox.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
index 3c6e24b20f5b..5e4a131724f2 100644
--- a/scripts/kconfig/lxdialog/inputbox.c
+++ b/scripts/kconfig/lxdialog/inputbox.c
@@ -39,8 +39,10 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
if (!init)
instr[0] = '\0';
- else
- strcpy(instr, init);
+ else {
+ strncpy(instr, init, sizeof(dialog_input_result) - 1);
+ instr[sizeof(dialog_input_result) - 1] = '\0';
+ }
do_resize:
if (getmaxy(stdscr) <= (height - INPUTBOX_HEIGHT_MIN))
--
2.50.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c
2025-07-27 16:44 [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c Suchit Karunakaran
@ 2025-07-27 19:19 ` Nicolas Schier
2025-07-28 3:59 ` Suchit K
2025-07-28 4:29 ` Greg KH
2025-07-29 13:41 ` Masahiro Yamada
2 siblings, 1 reply; 9+ messages in thread
From: Nicolas Schier @ 2025-07-27 19:19 UTC (permalink / raw)
To: Suchit Karunakaran
Cc: masahiroy, linux-kbuild, skhan, linux-kernel-mentees,
linux-kernel
[-- Attachment #1: Type: text/plain, Size: 713 bytes --]
On Sun, Jul 27, 2025 at 10:14:33PM +0530 Suchit Karunakaran wrote:
> strcpy() performs no bounds checking and can lead to buffer overflows if
> the input string exceeds the destination buffer size. This patch replaces
> it with strncpy(), and null terminates the input string.
>
> Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
> ---
> scripts/kconfig/lxdialog/inputbox.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
Reviewed-by: Nicolas Schier <nicolas.schier@linux.dev>
thanks for your contribution!
If you want to continue contributing, you might want to check-out tools
like b4 which simplifies sending and tracking patch-sets.
Kind regards,
Nicolas
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c
2025-07-27 19:19 ` Nicolas Schier
@ 2025-07-28 3:59 ` Suchit K
0 siblings, 0 replies; 9+ messages in thread
From: Suchit K @ 2025-07-28 3:59 UTC (permalink / raw)
To: Nicolas Schier
Cc: masahiroy, linux-kbuild, skhan, linux-kernel-mentees,
linux-kernel
On Mon, 28 Jul 2025 at 00:49, Nicolas Schier <nicolas.schier@linux.dev> wrote:
>
> On Sun, Jul 27, 2025 at 10:14:33PM +0530 Suchit Karunakaran wrote:
> > strcpy() performs no bounds checking and can lead to buffer overflows if
> > the input string exceeds the destination buffer size. This patch replaces
> > it with strncpy(), and null terminates the input string.
> >
> > Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
> > ---
> > scripts/kconfig/lxdialog/inputbox.c | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
>
> Reviewed-by: Nicolas Schier <nicolas.schier@linux.dev>
>
> thanks for your contribution!
>
> If you want to continue contributing, you might want to check-out tools
> like b4 which simplifies sending and tracking patch-sets.
>
Thank you very much! Please let me know if there's anything else I
should do. Also, I'd appreciate it if you could take a look at my
other patch that replaces strcpy with snprintf. Thanks again!
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c
2025-07-27 16:44 [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c Suchit Karunakaran
2025-07-27 19:19 ` Nicolas Schier
@ 2025-07-28 4:29 ` Greg KH
2025-07-28 4:48 ` Suchit K
2025-07-29 13:40 ` Masahiro Yamada
2025-07-29 13:41 ` Masahiro Yamada
2 siblings, 2 replies; 9+ messages in thread
From: Greg KH @ 2025-07-28 4:29 UTC (permalink / raw)
To: Suchit Karunakaran
Cc: masahiroy, nicolas.schier, linux-kbuild, skhan,
linux-kernel-mentees, linux-kernel
On Sun, Jul 27, 2025 at 10:14:33PM +0530, Suchit Karunakaran wrote:
> strcpy() performs no bounds checking and can lead to buffer overflows if
> the input string exceeds the destination buffer size. This patch replaces
> it with strncpy(), and null terminates the input string.
>
> Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
> ---
> scripts/kconfig/lxdialog/inputbox.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
> index 3c6e24b20f5b..5e4a131724f2 100644
> --- a/scripts/kconfig/lxdialog/inputbox.c
> +++ b/scripts/kconfig/lxdialog/inputbox.c
> @@ -39,8 +39,10 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
>
> if (!init)
> instr[0] = '\0';
> - else
> - strcpy(instr, init);
> + else {
> + strncpy(instr, init, sizeof(dialog_input_result) - 1);
> + instr[sizeof(dialog_input_result) - 1] = '\0';
As this is a userspace tool, why is this change needed at all? How can
this overflow and if it does, what happens?
thanks,
greg k-h
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c
2025-07-28 4:29 ` Greg KH
@ 2025-07-28 4:48 ` Suchit K
2025-07-28 5:20 ` Greg KH
2025-07-29 13:40 ` Masahiro Yamada
1 sibling, 1 reply; 9+ messages in thread
From: Suchit K @ 2025-07-28 4:48 UTC (permalink / raw)
To: Greg KH
Cc: masahiroy, nicolas.schier, linux-kbuild, skhan,
linux-kernel-mentees, linux-kernel
On Mon, 28 Jul 2025 at 09:59, Greg KH <gregkh@linuxfoundation.org> wrote:
>
> On Sun, Jul 27, 2025 at 10:14:33PM +0530, Suchit Karunakaran wrote:
> > strcpy() performs no bounds checking and can lead to buffer overflows if
> > the input string exceeds the destination buffer size. This patch replaces
> > it with strncpy(), and null terminates the input string.
> >
> > Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
> > ---
> > scripts/kconfig/lxdialog/inputbox.c | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
> > index 3c6e24b20f5b..5e4a131724f2 100644
> > --- a/scripts/kconfig/lxdialog/inputbox.c
> > +++ b/scripts/kconfig/lxdialog/inputbox.c
> > @@ -39,8 +39,10 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
> >
> > if (!init)
> > instr[0] = '\0';
> > - else
> > - strcpy(instr, init);
> > + else {
> > + strncpy(instr, init, sizeof(dialog_input_result) - 1);
> > + instr[sizeof(dialog_input_result) - 1] = '\0';
>
> As this is a userspace tool, why is this change needed at all? How can
> this overflow and if it does, what happens?
>
Hi Greg. The primary motivation for this patch was the deprecation of
strcpy(). Additionally, I believed there was a possibility of a buffer
overflow if the initial string accidentally exceeded the length of
instr, although the chances might be low.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c
2025-07-28 4:48 ` Suchit K
@ 2025-07-28 5:20 ` Greg KH
[not found] ` <CAO9wTFi+atf1vwMrDJBa-X4W5UcQ8K80spgiGhMyhZj4aRJ3Zw@mail.gmail.com>
0 siblings, 1 reply; 9+ messages in thread
From: Greg KH @ 2025-07-28 5:20 UTC (permalink / raw)
To: Suchit K
Cc: masahiroy, nicolas.schier, linux-kbuild, skhan,
linux-kernel-mentees, linux-kernel
On Mon, Jul 28, 2025 at 10:18:35AM +0530, Suchit K wrote:
> On Mon, 28 Jul 2025 at 09:59, Greg KH <gregkh@linuxfoundation.org> wrote:
> >
> > On Sun, Jul 27, 2025 at 10:14:33PM +0530, Suchit Karunakaran wrote:
> > > strcpy() performs no bounds checking and can lead to buffer overflows if
> > > the input string exceeds the destination buffer size. This patch replaces
> > > it with strncpy(), and null terminates the input string.
> > >
> > > Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
> > > ---
> > > scripts/kconfig/lxdialog/inputbox.c | 6 ++++--
> > > 1 file changed, 4 insertions(+), 2 deletions(-)
> > >
> > > diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
> > > index 3c6e24b20f5b..5e4a131724f2 100644
> > > --- a/scripts/kconfig/lxdialog/inputbox.c
> > > +++ b/scripts/kconfig/lxdialog/inputbox.c
> > > @@ -39,8 +39,10 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
> > >
> > > if (!init)
> > > instr[0] = '\0';
> > > - else
> > > - strcpy(instr, init);
> > > + else {
> > > + strncpy(instr, init, sizeof(dialog_input_result) - 1);
> > > + instr[sizeof(dialog_input_result) - 1] = '\0';
> >
> > As this is a userspace tool, why is this change needed at all? How can
> > this overflow and if it does, what happens?
> >
>
> Hi Greg. The primary motivation for this patch was the deprecation of
> strcpy(). Additionally, I believed there was a possibility of a buffer
> overflow if the initial string accidentally exceeded the length of
> instr, although the chances might be low.
Is strcpy() being deprecated in userspace? I think it's a core part of
the C language specification :)
Again, how can that buffer be "too large"?
thanks,
greg k-h
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c
[not found] ` <CAO9wTFi+atf1vwMrDJBa-X4W5UcQ8K80spgiGhMyhZj4aRJ3Zw@mail.gmail.com>
@ 2025-07-28 5:39 ` Suchit K
0 siblings, 0 replies; 9+ messages in thread
From: Suchit K @ 2025-07-28 5:39 UTC (permalink / raw)
To: Greg KH
Cc: masahiroy, nicolas.schier, linux-kbuild, skhan,
linux-kernel-mentees, linux-kernel
Resending because I unknowingly disabled plain text mode. Sorry about that.
>
> Is strcpy() being deprecated in userspace? I think it's a core part of
> the C language specification :)
>
My apologies. I was under the assumption that all folders within the
kernel repository adhered to the kernel coding guidelines, only to
realize that these guidelines primarily apply to kernel space code.
You're right, strcpy() isn't deprecated in userspace but as far as I
know some compilers emit warnings to replace it with other functions
since it's unsafe.
> Again, how can that buffer be "too large"?
>
Tbh I'm not sure. I was glancing through the code in mconf.c and there
were some calls to dialog_inputbox() with file names and a variable
length string being passed for the init argument. So, I thought there
might be some chance of overflowing.
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c
2025-07-28 4:29 ` Greg KH
2025-07-28 4:48 ` Suchit K
@ 2025-07-29 13:40 ` Masahiro Yamada
1 sibling, 0 replies; 9+ messages in thread
From: Masahiro Yamada @ 2025-07-29 13:40 UTC (permalink / raw)
To: Greg KH
Cc: Suchit Karunakaran, nicolas.schier, linux-kbuild, skhan,
linux-kernel-mentees, linux-kernel
On Mon, Jul 28, 2025 at 1:29 PM Greg KH <gregkh@linuxfoundation.org> wrote:
>
> On Sun, Jul 27, 2025 at 10:14:33PM +0530, Suchit Karunakaran wrote:
> > strcpy() performs no bounds checking and can lead to buffer overflows if
> > the input string exceeds the destination buffer size. This patch replaces
> > it with strncpy(), and null terminates the input string.
> >
> > Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
> > ---
> > scripts/kconfig/lxdialog/inputbox.c | 6 ++++--
> > 1 file changed, 4 insertions(+), 2 deletions(-)
> >
> > diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
> > index 3c6e24b20f5b..5e4a131724f2 100644
> > --- a/scripts/kconfig/lxdialog/inputbox.c
> > +++ b/scripts/kconfig/lxdialog/inputbox.c
> > @@ -39,8 +39,10 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
> >
> > if (!init)
> > instr[0] = '\0';
> > - else
> > - strcpy(instr, init);
> > + else {
> > + strncpy(instr, init, sizeof(dialog_input_result) - 1);
> > + instr[sizeof(dialog_input_result) - 1] = '\0';
>
> As this is a userspace tool, why is this change needed at all? How can
> this overflow and if it does, what happens?
The buffer size (2049 byte) is large enough, and
buffer overflow is unlikely to happen in practical use cases.
If it does, I think the program will crash.
--
Best Regards
Masahiro Yamada
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c
2025-07-27 16:44 [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c Suchit Karunakaran
2025-07-27 19:19 ` Nicolas Schier
2025-07-28 4:29 ` Greg KH
@ 2025-07-29 13:41 ` Masahiro Yamada
2 siblings, 0 replies; 9+ messages in thread
From: Masahiro Yamada @ 2025-07-29 13:41 UTC (permalink / raw)
To: Suchit Karunakaran
Cc: nicolas.schier, linux-kbuild, skhan, linux-kernel-mentees,
linux-kernel
On Mon, Jul 28, 2025 at 1:44 AM Suchit Karunakaran
<suchitkarunakaran@gmail.com> wrote:
>
> strcpy() performs no bounds checking and can lead to buffer overflows if
> the input string exceeds the destination buffer size. This patch replaces
> it with strncpy(), and null terminates the input string.
>
> Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
> ---
> scripts/kconfig/lxdialog/inputbox.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
> index 3c6e24b20f5b..5e4a131724f2 100644
> --- a/scripts/kconfig/lxdialog/inputbox.c
> +++ b/scripts/kconfig/lxdialog/inputbox.c
> @@ -39,8 +39,10 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
>
> if (!init)
> instr[0] = '\0';
> - else
> - strcpy(instr, init);
> + else {
> + strncpy(instr, init, sizeof(dialog_input_result) - 1);
> + instr[sizeof(dialog_input_result) - 1] = '\0';
> + }
Applied to linux-kbuild. Thanks.
--
Best Regards
Masahiro Yamada
^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2025-07-29 13:41 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-27 16:44 [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c Suchit Karunakaran
2025-07-27 19:19 ` Nicolas Schier
2025-07-28 3:59 ` Suchit K
2025-07-28 4:29 ` Greg KH
2025-07-28 4:48 ` Suchit K
2025-07-28 5:20 ` Greg KH
[not found] ` <CAO9wTFi+atf1vwMrDJBa-X4W5UcQ8K80spgiGhMyhZj4aRJ3Zw@mail.gmail.com>
2025-07-28 5:39 ` Suchit K
2025-07-29 13:40 ` Masahiro Yamada
2025-07-29 13:41 ` Masahiro Yamada
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox