From: Shankari Anand <shankari.ak0208@gmail.com>
To: linux-kbuild@vger.kernel.org, masahiroy@kernel.org
Cc: Shankari Anand <shankari.ak0208@gmail.com>
Subject: [PATCH v2] kconfig/nconf: Replace strncpy() with snprintf()
Date: Thu, 12 Jun 2025 13:18:01 +0530 [thread overview]
Message-ID: <20250612074802.900256-1-shankari.ak0208@gmail.com> (raw)
I'm following up on my patch titled: [PATCH v2] kconfig/nconf: Replace strncpy() with snprintf() for safe string copy
Link: https://lore.kernel.org/linux-kbuild/CAPRMd3kWRHvUE=FuRoGBXYR1POCL05sec4-9u6_Pb667TBFaiA@mail.gmail.com/T/#t
I wanted to check whether this change is considered valid and applicable, or if there are any concerns about the direction or scope.
Why I have proposed this change -
1. item_add_str() in nconf.c: k_menu_items[index].str is a fixed-size char array. To copy the full string whilemaking sure it’s always null-terminated, snprintf() writes up to N-1 bytes + null terminator. strncpy() could leave the destination unterminated if tmp_str is too long which might be unsafe for new_item().
2. fill_window() in nconf.gui.c: The intent is to print at most len characters, clipped by the window width. Using snprintf() with precision (%.*s) ensures that we never read/write beyond bounds. With strncpy(), again, we risk lack of null termination unless manually handled (as it was done with tmp[len] = '\0';), which is brittle.
3. dialog_inputbox() in nconf.gui.c: result is a user-editable string buffer, pre-initialized with init. *result_len is the max buffer size. snprintf() will write up to result_len - 1 chars and null-terminate; strncpy() could fail to null-terminate if init is too long.
Thank you for your time and guidance.
Best regards,
Shankari Anand (1):
next reply other threads:[~2025-06-12 7:48 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2025-06-12 7:48 Shankari Anand [this message]
2025-06-12 7:48 ` [PATCH v2] kconfig/nconf: Replace strncpy() with snprintf() Shankari Anand
2025-06-24 11:08 ` Masahiro Yamada
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20250612074802.900256-1-shankari.ak0208@gmail.com \
--to=shankari.ak0208@gmail.com \
--cc=linux-kbuild@vger.kernel.org \
--cc=masahiroy@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).