[PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in inputbox.c

linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in inputbox.c
@ 2025-07-25  5:59 Suchit Karunakaran
  2025-07-25  9:53 ` Franco Martelli
  2025-07-25 13:00 ` Nicolas Schier
  0 siblings, 2 replies; 7+ messages in thread
From: Suchit Karunakaran @ 2025-07-25  5:59 UTC (permalink / raw)
  To: masahiroy, linux-kbuild; +Cc: linux-kernel, skhan, Suchit Karunakaran

strcpy() performs no bounds checking and can lead to buffer overflows if
the input string exceeds the destination buffer size. Replace it with
strscpy(), which ensures the input is always NULL-terminated and
prevents overflows.

Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
---
 scripts/kconfig/lxdialog/inputbox.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
index 3c6e24b20f5b..8880ccaffa0b 100644
--- a/scripts/kconfig/lxdialog/inputbox.c
+++ b/scripts/kconfig/lxdialog/inputbox.c
@@ -40,7 +40,7 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
 	if (!init)
 		instr[0] = '\0';
 	else
-		strcpy(instr, init);
+		strscpy(instr, init, MAX_LEN + 1);
 
 do_resize:
 	if (getmaxy(stdscr) <= (height - INPUTBOX_HEIGHT_MIN))
-- 
2.39.5


^ permalink raw reply related	[flat|nested] 7+ messages in thread

* Re: [PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in inputbox.c
  2025-07-25  5:59 [PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in inputbox.c Suchit Karunakaran
@ 2025-07-25  9:53 ` Franco Martelli
  2025-07-25 10:11   ` Suchit K
  2025-07-25 13:00 ` Nicolas Schier
  1 sibling, 1 reply; 7+ messages in thread
From: Franco Martelli @ 2025-07-25  9:53 UTC (permalink / raw)
  To: Suchit Karunakaran, masahiroy, linux-kbuild
  Cc: linux-kernel, skhan, Franco Martelli

On 25/07/25 at 07:59, Suchit Karunakaran wrote:
> strcpy() performs no bounds checking and can lead to buffer overflows if
> the input string exceeds the destination buffer size. Replace it with
> strscpy(), which ensures the input is always NULL-terminated and
> prevents overflows.
> 
> Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
> ---
>   scripts/kconfig/lxdialog/inputbox.c | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
> index 3c6e24b20f5b..8880ccaffa0b 100644
> --- a/scripts/kconfig/lxdialog/inputbox.c
> +++ b/scripts/kconfig/lxdialog/inputbox.c
> @@ -40,7 +40,7 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
>   	if (!init)
>   		instr[0] = '\0';
>   	else
> -		strcpy(instr, init);
> +		strscpy(instr, init, MAX_LEN + 1);
>   
>   do_resize:
>   	if (getmaxy(stdscr) <= (height - INPUTBOX_HEIGHT_MIN))

perhaps it's better to sanitize the whole code in
script/kconfig not only in lxdialog/inputbox.c

$ grep -Rn strcpy scripts/kconfig/*
scripts/kconfig/confdata.c:143: strcpy(depfile_path + 
depfile_prefix_len, name);
scripts/kconfig/lxdialog/util.c:348:    strcpy(tempstr, prompt);
scripts/kconfig/lxdialog/inputbox.c:43:         strcpy(instr, init);
scripts/kconfig/symbol.c:764:   strcpy(val, newval);
scripts/kconfig/util.c:55:      strcpy(gs.s, "\0");

because the script "checkpatch.pl" emits a warning
whether strcpy() function is used:

WARNING: Prefer strscpy over strcpy - see: 
https://github.com/KSPP/linux/issues/88

Kind regards,
-- 
Franco Martelli

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in inputbox.c
  2025-07-25  9:53 ` Franco Martelli
@ 2025-07-25 10:11   ` Suchit K
  0 siblings, 0 replies; 7+ messages in thread
From: Suchit K @ 2025-07-25 10:11 UTC (permalink / raw)
  To: Franco Martelli; +Cc: masahiroy, linux-kbuild, linux-kernel, skhan

On Fri, 25 Jul 2025 at 15:23, Franco Martelli <martellif67@gmail.com> wrote:
>
> On 25/07/25 at 07:59, Suchit Karunakaran wrote:
> > strcpy() performs no bounds checking and can lead to buffer overflows if
> > the input string exceeds the destination buffer size. Replace it with
> > strscpy(), which ensures the input is always NULL-terminated and
> > prevents overflows.
> >
> > Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
> > ---
> >   scripts/kconfig/lxdialog/inputbox.c | 2 +-
> >   1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
> > index 3c6e24b20f5b..8880ccaffa0b 100644
> > --- a/scripts/kconfig/lxdialog/inputbox.c
> > +++ b/scripts/kconfig/lxdialog/inputbox.c
> > @@ -40,7 +40,7 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
> >       if (!init)
> >               instr[0] = '\0';
> >       else
> > -             strcpy(instr, init);
> > +             strscpy(instr, init, MAX_LEN + 1);
> >
> >   do_resize:
> >       if (getmaxy(stdscr) <= (height - INPUTBOX_HEIGHT_MIN))
>
> perhaps it's better to sanitize the whole code in
> script/kconfig not only in lxdialog/inputbox.c
>
> $ grep -Rn strcpy scripts/kconfig/*
> scripts/kconfig/confdata.c:143: strcpy(depfile_path +
> depfile_prefix_len, name);
> scripts/kconfig/lxdialog/util.c:348:    strcpy(tempstr, prompt);
> scripts/kconfig/lxdialog/inputbox.c:43:         strcpy(instr, init);
> scripts/kconfig/symbol.c:764:   strcpy(val, newval);
> scripts/kconfig/util.c:55:      strcpy(gs.s, "\0");
>
> because the script "checkpatch.pl" emits a warning
> whether strcpy() function is used:
>
> WARNING: Prefer strscpy over strcpy - see:
> https://github.com/KSPP/linux/issues/88
>

Hi Franco, I wanted to get feedback on this first before proceeding
further. If the code change looks good to you, I’ll go ahead and
submit patches for the other places as well. Thanks!

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in inputbox.c
  2025-07-25  5:59 [PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in inputbox.c Suchit Karunakaran
  2025-07-25  9:53 ` Franco Martelli
@ 2025-07-25 13:00 ` Nicolas Schier
  2025-07-25 14:36   ` Suchit K
  1 sibling, 1 reply; 7+ messages in thread
From: Nicolas Schier @ 2025-07-25 13:00 UTC (permalink / raw)
  To: Suchit Karunakaran; +Cc: masahiroy, linux-kbuild, linux-kernel, skhan

[-- Attachment #1: Type: text/plain, Size: 1030 bytes --]

On Fri, Jul 25, 2025 at 11:29:28AM +0530, Suchit Karunakaran wrote:
> strcpy() performs no bounds checking and can lead to buffer overflows if
> the input string exceeds the destination buffer size. Replace it with
> strscpy(), which ensures the input is always NULL-terminated and
> prevents overflows.
> 
> Signed-off-by: Suchit Karunakaran <suchitkarunakaran@gmail.com>
> ---
>  scripts/kconfig/lxdialog/inputbox.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
> index 3c6e24b20f5b..8880ccaffa0b 100644
> --- a/scripts/kconfig/lxdialog/inputbox.c
> +++ b/scripts/kconfig/lxdialog/inputbox.c
> @@ -40,7 +40,7 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
>  	if (!init)
>  		instr[0] = '\0';
>  	else
> -		strcpy(instr, init);
> +		strscpy(instr, init, MAX_LEN + 1);

Did you compile-test this?  strscpy() is not available for user-space.

Kind regards,
Nicolas

[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in inputbox.c
  2025-07-25 13:00 ` Nicolas Schier
@ 2025-07-25 14:36   ` Suchit K
  2025-07-26 16:59     ` Nicolas Schier
  0 siblings, 1 reply; 7+ messages in thread
From: Suchit K @ 2025-07-25 14:36 UTC (permalink / raw)
  To: Nicolas Schier; +Cc: masahiroy, linux-kbuild, linux-kernel, skhan

>
> Did you compile-test this?  strscpy() is not available for user-space.
>

Hi,
Apologies. I didn't compile the change earlier since it was just a
replacement of strcpy with strscpy, and I completely forgot that I was
working with userspace tools. After seeing your comment, I tried
compiling it and I encountered an error. Would it be more appropriate
to use memcpy or strlcpy instead in this case? I'd really appreciate
your guidance on the correct approach here. Thank you!

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in inputbox.c
  2025-07-25 14:36   ` Suchit K
@ 2025-07-26 16:59     ` Nicolas Schier
  2025-07-26 17:06       ` Suchit K
  0 siblings, 1 reply; 7+ messages in thread
From: Nicolas Schier @ 2025-07-26 16:59 UTC (permalink / raw)
  To: Suchit K; +Cc: masahiroy, linux-kbuild, linux-kernel, skhan

On Fri, Jul 25, 2025 at 08:06:35PM +0530 Suchit K wrote:
> > Did you compile-test this?  strscpy() is not available for user-space.
> >
> 
> Hi,
> Apologies. I didn't compile the change earlier since it was just a
> replacement of strcpy with strscpy, and I completely forgot that I was
> working with userspace tools. After seeing your comment, I tried
> compiling it and I encountered an error. Would it be more appropriate
> to use memcpy or strlcpy instead in this case? I'd really appreciate
> your guidance on the correct approach here. Thank you!

For the concrete code I'd use strlcpy, for some other uses of strcpy in
scripts/kconfig/ I'd probably choose differently.

As Franko already wrote: it would be nice if you could also send patches
for the other strcpy calls below scripts/kconfig/.

But please always compile and test your changes.

Thanks and kind regards
Nicolas


-- 
epost|xmpp: nicolas@fjasle.eu          irc://oftc.net/nsc
↳ gpg: 18ed 52db e34f 860e e9fb  c82b 7d97 0932 55a0 ce7f
     -- frykten for herren er opphav til kunnskap --

^ permalink raw reply	[flat|nested] 7+ messages in thread

* Re: [PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in inputbox.c
  2025-07-26 16:59     ` Nicolas Schier
@ 2025-07-26 17:06       ` Suchit K
  0 siblings, 0 replies; 7+ messages in thread
From: Suchit K @ 2025-07-26 17:06 UTC (permalink / raw)
  To: Nicolas Schier; +Cc: masahiroy, linux-kbuild, linux-kernel, skhan

>
> For the concrete code I'd use strlcpy, for some other uses of strcpy in
> scripts/kconfig/ I'd probably choose differently.
>

Sure, I'll make the necessary changes.

> As Franko already wrote: it would be nice if you could also send patches
> for the other strcpy calls below scripts/kconfig/.
>
> But please always compile and test your changes.
>

Yes, I’ll send patches for the other strcpy usages as well. Apologies
for not compiling it earlier, I’m still new to kernel development and
appreciate your patience. Thanks!

^ permalink raw reply	[flat|nested] 7+ messages in thread

end of thread, other threads:[~2025-07-26 17:06 UTC | newest]

Thread overview: 7+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-07-25  5:59 [PATCH] kconfig/lxdialog: replace strcpy() with strscpy() in inputbox.c Suchit Karunakaran
2025-07-25  9:53 ` Franco Martelli
2025-07-25 10:11   ` Suchit K
2025-07-25 13:00 ` Nicolas Schier
2025-07-25 14:36   ` Suchit K
2025-07-26 16:59     ` Nicolas Schier
2025-07-26 17:06       ` Suchit K

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).