[PATCH] kconfig: replace strcpy() with strlcpy() in symbol.c

From: Suchit Karunakaran
Date: Sat Jul 26 2025 - 15:15:35 EST

Next message: Lorenzo Stoakes: "Re: [PATCH] mm: remove io-mapping"
Previous message: Daniel Borkmann: "Re: [PATCH v4 0/5] Support trampoline for LoongArch"
Next in thread: kernel test robot: "Re: [PATCH] kconfig: replace strcpy() with strlcpy() in symbol.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

strcpy() performs no bounds checking and can lead to buffer overflows if
the input string exceeds the destination buffer size. This patch replaces
it with strlcpy(), which ensures the input is always NULL-terminated and
prevents overflows, following kernel coding guidelines.

Signed-off-by: Suchit Karunakaran <suchitkarunakaran@xxxxxxxxx>
---
scripts/kconfig/symbol.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/scripts/kconfig/symbol.c b/scripts/kconfig/symbol.c
index 26ab10c0fd76..c44e8ac3e9fe 100644
--- a/scripts/kconfig/symbol.c
+++ b/scripts/kconfig/symbol.c
@@ -777,7 +777,7 @@ bool sym_set_string_value(struct symbol *sym, const char *newval)
else
return true;

- strcpy(val, newval);
+ strlcpy(val, newval, size);
free((void *)oldval);
sym_clear_all_valid();

--
2.50.1

Next message: Lorenzo Stoakes: "Re: [PATCH] mm: remove io-mapping"
Previous message: Daniel Borkmann: "Re: [PATCH v4 0/5] Support trampoline for LoongArch"
Next in thread: kernel test robot: "Re: [PATCH] kconfig: replace strcpy() with strlcpy() in symbol.c"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]