* [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c
@ 2025-07-27 16:44 Suchit Karunakaran
2025-07-27 19:19 ` Nicolas Schier
` (2 more replies)
0 siblings, 3 replies; 9+ messages in thread
From: Suchit Karunakaran @ 2025-07-27 16:44 UTC (permalink / raw)
To: masahiroy, nicolas.schier, linux-kbuild
Cc: skhan, linux-kernel-mentees, linux-kernel, Suchit Karunakaran
strcpy() performs no bounds checking and can lead to buffer overflows if
the input string exceeds the destination buffer size. This patch replaces
it with strncpy(), and null terminates the input string.
Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
---
scripts/kconfig/lxdialog/inputbox.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
index 3c6e24b20f5b..5e4a131724f2 100644
--- a/scripts/kconfig/lxdialog/inputbox.c
+++ b/scripts/kconfig/lxdialog/inputbox.c
@@ -39,8 +39,10 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
if (!init)
instr[0] = '\0';
- else
- strcpy(instr, init);
+ else {
+ strncpy(instr, init, sizeof(dialog_input_result) - 1);
+ instr[sizeof(dialog_input_result) - 1] = '\0';
+ }
do_resize:
if (getmaxy(stdscr) <= (height - INPUTBOX_HEIGHT_MIN))
--
2.50.1
^ permalink raw reply related [flat|nested] 9+ messages in thread* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c 2025-07-27 16:44 [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c Suchit Karunakaran @ 2025-07-27 19:19 ` Nicolas Schier 2025-07-28 3:59 ` Suchit K 2025-07-28 4:29 ` Greg KH 2025-07-29 13:41 ` Masahiro Yamada 2 siblings, 1 reply; 9+ messages in thread From: Nicolas Schier @ 2025-07-27 19:19 UTC (permalink / raw) To: Suchit Karunakaran Cc: masahiroy, linux-kbuild, skhan, linux-kernel-mentees, linux-kernel [-- Attachment #1: Type: text/plain, Size: 713 bytes --] On Sun, Jul 27, 2025 at 10:14:33PM +0530 Suchit Karunakaran wrote: > strcpy() performs no bounds checking and can lead to buffer overflows if > the input string exceeds the destination buffer size. This patch replaces > it with strncpy(), and null terminates the input string. > > Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com> > --- > scripts/kconfig/lxdialog/inputbox.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) Reviewed-by: Nicolas Schier <nicolas.schier@linux.dev> thanks for your contribution! If you want to continue contributing, you might want to check-out tools like b4 which simplifies sending and tracking patch-sets. Kind regards, Nicolas [-- Attachment #2: signature.asc --] [-- Type: application/pgp-signature, Size: 833 bytes --] ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c 2025-07-27 19:19 ` Nicolas Schier @ 2025-07-28 3:59 ` Suchit K 0 siblings, 0 replies; 9+ messages in thread From: Suchit K @ 2025-07-28 3:59 UTC (permalink / raw) To: Nicolas Schier Cc: masahiroy, linux-kbuild, skhan, linux-kernel-mentees, linux-kernel On Mon, 28 Jul 2025 at 00:49, Nicolas Schier <nicolas.schier@linux.dev> wrote: > > On Sun, Jul 27, 2025 at 10:14:33PM +0530 Suchit Karunakaran wrote: > > strcpy() performs no bounds checking and can lead to buffer overflows if > > the input string exceeds the destination buffer size. This patch replaces > > it with strncpy(), and null terminates the input string. > > > > Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com> > > --- > > scripts/kconfig/lxdialog/inputbox.c | 6 ++++-- > > 1 file changed, 4 insertions(+), 2 deletions(-) > > Reviewed-by: Nicolas Schier <nicolas.schier@linux.dev> > > thanks for your contribution! > > If you want to continue contributing, you might want to check-out tools > like b4 which simplifies sending and tracking patch-sets. > Thank you very much! Please let me know if there's anything else I should do. Also, I'd appreciate it if you could take a look at my other patch that replaces strcpy with snprintf. Thanks again! ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c 2025-07-27 16:44 [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c Suchit Karunakaran 2025-07-27 19:19 ` Nicolas Schier @ 2025-07-28 4:29 ` Greg KH 2025-07-28 4:48 ` Suchit K 2025-07-29 13:40 ` Masahiro Yamada 2025-07-29 13:41 ` Masahiro Yamada 2 siblings, 2 replies; 9+ messages in thread From: Greg KH @ 2025-07-28 4:29 UTC (permalink / raw) To: Suchit Karunakaran Cc: masahiroy, nicolas.schier, linux-kbuild, skhan, linux-kernel-mentees, linux-kernel On Sun, Jul 27, 2025 at 10:14:33PM +0530, Suchit Karunakaran wrote: > strcpy() performs no bounds checking and can lead to buffer overflows if > the input string exceeds the destination buffer size. This patch replaces > it with strncpy(), and null terminates the input string. > > Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com> > --- > scripts/kconfig/lxdialog/inputbox.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c > index 3c6e24b20f5b..5e4a131724f2 100644 > --- a/scripts/kconfig/lxdialog/inputbox.c > +++ b/scripts/kconfig/lxdialog/inputbox.c > @@ -39,8 +39,10 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width > > if (!init) > instr[0] = '\0'; > - else > - strcpy(instr, init); > + else { > + strncpy(instr, init, sizeof(dialog_input_result) - 1); > + instr[sizeof(dialog_input_result) - 1] = '\0'; As this is a userspace tool, why is this change needed at all? How can this overflow and if it does, what happens? thanks, greg k-h ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c 2025-07-28 4:29 ` Greg KH @ 2025-07-28 4:48 ` Suchit K 2025-07-28 5:20 ` Greg KH 2025-07-29 13:40 ` Masahiro Yamada 1 sibling, 1 reply; 9+ messages in thread From: Suchit K @ 2025-07-28 4:48 UTC (permalink / raw) To: Greg KH Cc: masahiroy, nicolas.schier, linux-kbuild, skhan, linux-kernel-mentees, linux-kernel On Mon, 28 Jul 2025 at 09:59, Greg KH <gregkh@linuxfoundation.org> wrote: > > On Sun, Jul 27, 2025 at 10:14:33PM +0530, Suchit Karunakaran wrote: > > strcpy() performs no bounds checking and can lead to buffer overflows if > > the input string exceeds the destination buffer size. This patch replaces > > it with strncpy(), and null terminates the input string. > > > > Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com> > > --- > > scripts/kconfig/lxdialog/inputbox.c | 6 ++++-- > > 1 file changed, 4 insertions(+), 2 deletions(-) > > > > diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c > > index 3c6e24b20f5b..5e4a131724f2 100644 > > --- a/scripts/kconfig/lxdialog/inputbox.c > > +++ b/scripts/kconfig/lxdialog/inputbox.c > > @@ -39,8 +39,10 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width > > > > if (!init) > > instr[0] = '\0'; > > - else > > - strcpy(instr, init); > > + else { > > + strncpy(instr, init, sizeof(dialog_input_result) - 1); > > + instr[sizeof(dialog_input_result) - 1] = '\0'; > > As this is a userspace tool, why is this change needed at all? How can > this overflow and if it does, what happens? > Hi Greg. The primary motivation for this patch was the deprecation of strcpy(). Additionally, I believed there was a possibility of a buffer overflow if the initial string accidentally exceeded the length of instr, although the chances might be low. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c 2025-07-28 4:48 ` Suchit K @ 2025-07-28 5:20 ` Greg KH [not found] ` <CAO9wTFi+atf1vwMrDJBa-X4W5UcQ8K80spgiGhMyhZj4aRJ3Zw@mail.gmail.com> 0 siblings, 1 reply; 9+ messages in thread From: Greg KH @ 2025-07-28 5:20 UTC (permalink / raw) To: Suchit K Cc: masahiroy, nicolas.schier, linux-kbuild, skhan, linux-kernel-mentees, linux-kernel On Mon, Jul 28, 2025 at 10:18:35AM +0530, Suchit K wrote: > On Mon, 28 Jul 2025 at 09:59, Greg KH <gregkh@linuxfoundation.org> wrote: > > > > On Sun, Jul 27, 2025 at 10:14:33PM +0530, Suchit Karunakaran wrote: > > > strcpy() performs no bounds checking and can lead to buffer overflows if > > > the input string exceeds the destination buffer size. This patch replaces > > > it with strncpy(), and null terminates the input string. > > > > > > Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com> > > > --- > > > scripts/kconfig/lxdialog/inputbox.c | 6 ++++-- > > > 1 file changed, 4 insertions(+), 2 deletions(-) > > > > > > diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c > > > index 3c6e24b20f5b..5e4a131724f2 100644 > > > --- a/scripts/kconfig/lxdialog/inputbox.c > > > +++ b/scripts/kconfig/lxdialog/inputbox.c > > > @@ -39,8 +39,10 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width > > > > > > if (!init) > > > instr[0] = '\0'; > > > - else > > > - strcpy(instr, init); > > > + else { > > > + strncpy(instr, init, sizeof(dialog_input_result) - 1); > > > + instr[sizeof(dialog_input_result) - 1] = '\0'; > > > > As this is a userspace tool, why is this change needed at all? How can > > this overflow and if it does, what happens? > > > > Hi Greg. The primary motivation for this patch was the deprecation of > strcpy(). Additionally, I believed there was a possibility of a buffer > overflow if the initial string accidentally exceeded the length of > instr, although the chances might be low. Is strcpy() being deprecated in userspace? I think it's a core part of the C language specification :) Again, how can that buffer be "too large"? thanks, greg k-h ^ permalink raw reply [flat|nested] 9+ messages in thread
[parent not found: <CAO9wTFi+atf1vwMrDJBa-X4W5UcQ8K80spgiGhMyhZj4aRJ3Zw@mail.gmail.com>]
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c [not found] ` <CAO9wTFi+atf1vwMrDJBa-X4W5UcQ8K80spgiGhMyhZj4aRJ3Zw@mail.gmail.com> @ 2025-07-28 5:39 ` Suchit K 0 siblings, 0 replies; 9+ messages in thread From: Suchit K @ 2025-07-28 5:39 UTC (permalink / raw) To: Greg KH Cc: masahiroy, nicolas.schier, linux-kbuild, skhan, linux-kernel-mentees, linux-kernel Resending because I unknowingly disabled plain text mode. Sorry about that. > > Is strcpy() being deprecated in userspace? I think it's a core part of > the C language specification :) > My apologies. I was under the assumption that all folders within the kernel repository adhered to the kernel coding guidelines, only to realize that these guidelines primarily apply to kernel space code. You're right, strcpy() isn't deprecated in userspace but as far as I know some compilers emit warnings to replace it with other functions since it's unsafe. > Again, how can that buffer be "too large"? > Tbh I'm not sure. I was glancing through the code in mconf.c and there were some calls to dialog_inputbox() with file names and a variable length string being passed for the init argument. So, I thought there might be some chance of overflowing. ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c 2025-07-28 4:29 ` Greg KH 2025-07-28 4:48 ` Suchit K @ 2025-07-29 13:40 ` Masahiro Yamada 1 sibling, 0 replies; 9+ messages in thread From: Masahiro Yamada @ 2025-07-29 13:40 UTC (permalink / raw) To: Greg KH Cc: Suchit Karunakaran, nicolas.schier, linux-kbuild, skhan, linux-kernel-mentees, linux-kernel On Mon, Jul 28, 2025 at 1:29 PM Greg KH <gregkh@linuxfoundation.org> wrote: > > On Sun, Jul 27, 2025 at 10:14:33PM +0530, Suchit Karunakaran wrote: > > strcpy() performs no bounds checking and can lead to buffer overflows if > > the input string exceeds the destination buffer size. This patch replaces > > it with strncpy(), and null terminates the input string. > > > > Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com> > > --- > > scripts/kconfig/lxdialog/inputbox.c | 6 ++++-- > > 1 file changed, 4 insertions(+), 2 deletions(-) > > > > diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c > > index 3c6e24b20f5b..5e4a131724f2 100644 > > --- a/scripts/kconfig/lxdialog/inputbox.c > > +++ b/scripts/kconfig/lxdialog/inputbox.c > > @@ -39,8 +39,10 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width > > > > if (!init) > > instr[0] = '\0'; > > - else > > - strcpy(instr, init); > > + else { > > + strncpy(instr, init, sizeof(dialog_input_result) - 1); > > + instr[sizeof(dialog_input_result) - 1] = '\0'; > > As this is a userspace tool, why is this change needed at all? How can > this overflow and if it does, what happens? The buffer size (2049 byte) is large enough, and buffer overflow is unlikely to happen in practical use cases. If it does, I think the program will crash. -- Best Regards Masahiro Yamada ^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c 2025-07-27 16:44 [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c Suchit Karunakaran 2025-07-27 19:19 ` Nicolas Schier 2025-07-28 4:29 ` Greg KH @ 2025-07-29 13:41 ` Masahiro Yamada 2 siblings, 0 replies; 9+ messages in thread From: Masahiro Yamada @ 2025-07-29 13:41 UTC (permalink / raw) To: Suchit Karunakaran Cc: nicolas.schier, linux-kbuild, skhan, linux-kernel-mentees, linux-kernel On Mon, Jul 28, 2025 at 1:44 AM Suchit Karunakaran <suchitkarunakaran@gmail.com> wrote: > > strcpy() performs no bounds checking and can lead to buffer overflows if > the input string exceeds the destination buffer size. This patch replaces > it with strncpy(), and null terminates the input string. > > Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com> > --- > scripts/kconfig/lxdialog/inputbox.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c > index 3c6e24b20f5b..5e4a131724f2 100644 > --- a/scripts/kconfig/lxdialog/inputbox.c > +++ b/scripts/kconfig/lxdialog/inputbox.c > @@ -39,8 +39,10 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width > > if (!init) > instr[0] = '\0'; > - else > - strcpy(instr, init); > + else { > + strncpy(instr, init, sizeof(dialog_input_result) - 1); > + instr[sizeof(dialog_input_result) - 1] = '\0'; > + } Applied to linux-kbuild. Thanks. -- Best Regards Masahiro Yamada ^ permalink raw reply [flat|nested] 9+ messages in thread
end of thread, other threads:[~2025-07-29 13:41 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-27 16:44 [PATCH v3] kconfig/lxdialog: replace strcpy() with strncpy() in inputbox.c Suchit Karunakaran
2025-07-27 19:19 ` Nicolas Schier
2025-07-28 3:59 ` Suchit K
2025-07-28 4:29 ` Greg KH
2025-07-28 4:48 ` Suchit K
2025-07-28 5:20 ` Greg KH
[not found] ` <CAO9wTFi+atf1vwMrDJBa-X4W5UcQ8K80spgiGhMyhZj4aRJ3Zw@mail.gmail.com>
2025-07-28 5:39 ` Suchit K
2025-07-29 13:40 ` Masahiro Yamada
2025-07-29 13:41 ` Masahiro Yamada
This is a public inbox, see mirroring instructions for how to clone and mirror all data and code used for this inbox