Re: [PATCH] libbpf: Replace strcpy() with memcpy() in bpf_object__new()

[Greg KH]

On Thu, Jul 17, 2025 at 10:29:50PM +0530, Suchit K wrote:
> On Thu, 17 Jul 2025 at 22:19, Yonghong Song <yonghong.song@xxxxxxxxx> wrote:
> >
> >
> >
> > On 7/17/25 4:59 AM, Suchit Karunakaran wrote:
> > > Replace the unsafe strcpy() call with memcpy() when copying the path
> > > into the bpf_object structure. Since the memory is pre-allocated to
> > > exactly strlen(path) + 1 bytes and the length is already known, memcpy()
> > > is safer than strcpy().
> >
> > I don't understand in this particular context why strcpy()
> > is less safer than memcpy(). Both of them will achieve the
> > exactly same goal.
> >
> 
> Sorry, I meant that strcpy() is generally considered unsafe because it
> doesn't perform bounds checking. Its use is deprecated and
> discouraged, as noted in Documentation/process/deprecated.rst. I made
> this change with that in mind, although I'm not entirely certain
> whether it's actually unsafe in this specific context.
> 

Your change also did not do any bounds checking at all, so how is this
now safer?

confused,

greg k-h