Re: [PATCH 2/2] module: Show the last unloaded module's taint flag(s)

[Luis Chamberlain]

On Sun, Jul 03, 2022 at 03:22:18PM +0100, Aaron Tomlin wrote:
> On Tue 2022-06-28 08:47 +0100, Aaron Tomlin wrote:
> > On Tue 2022-06-28 05:54 +0000, Christophe Leroy wrote:
> > > > -	/* Store the name of the last unloaded module for diagnostic purposes */
> > > >   	strlcpy(last_unloaded_module, mod->name, sizeof(last_unloaded_module));
> > > > +	strcat(last_unloaded_module, module_flags(mod, buf, false));
> > > 
> > > You replace a bounded string copy by an unbounded strict contat.
> > > 
> > > Should you use strlcat() instead ?
> > 
> > Hi Christophe,
> > 
> > Why? If I understand correctly, both the destination and source string are
> > NULL-terminated (see module_flags()). So, strcat() should be sufficient.
> 
> Hi Luis,
> 
> Any thoughts on this? As far as I can tell, the destination string cannot
> be overwritten; albeit, I can use the safer option if you prefer.

Yeah I don't like this as-is, it makes it not so easy to follow, I'll
reply in my review of your patch now.

  Luis