Re: [PATCH] staging/fbtft: Remove all strcpy() uses

18 Jul 2021


      On Sun, Jul 18, 2021 at 4:43 PM Len Baker len.baker@gmx.com wrote:
...
strcpy() performs no bounds checking on the destination buffer. This
could result in linear overflows beyond the end of the buffer, leading
to all kinds of misbehaviors. The safe replacement is strscpy() but in
this case it is simpler to add NULL to the first position since we want
to empty the string.
...
This is a previous step in the path to remove the strcpy() function.
Any document behind this (something to read on the site(s) more or
less affiliated with what is going to happen in the kernel) to read
background?
...
...
            case -1:
                    i++;
                    /* make debug message */


                  strcpy(msg, "");


                  msg[0] = 0;


Strictly speaking it should be '\0'.
...
                    j = i + 1;
                    while (par->init_sequence[j] >= 0) {
                            sprintf(str, "0x%02X ", par->init_sequence[j]);

-- 
With Best Regards,
Andy Shevchenko

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

Re: [PATCH] staging/fbtft: Remove all strcpy() uses