Re: [PATCH v2] kconfig/lxdialog: replace strcpy() with strlcpy() in inputbox.c
From: Nicolas Schier
Date: Sun Jul 27 2025 - 12:19:48 EST
On Sat, Jul 26, 2025 at 11:25:24PM +0530, Suchit Karunakaran wrote:
> strcpy() performs no bounds checking and can lead to buffer overflows if
> the input string exceeds the destination buffer size. This patch replaces
> it with strlcpy(), which ensures the input is always NULL-terminated,
> prevents overflows, following kernel coding guidelines.
>
> Signed-off-by: Suchit Karunakaran <suchitkarunakaran@xxxxxxxxx>
>
> Changes since v1:
> - Replace strscpy with strlcpy
>
> ---
> scripts/kconfig/lxdialog/inputbox.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/scripts/kconfig/lxdialog/inputbox.c b/scripts/kconfig/lxdialog/inputbox.c
> index 3c6e24b20f5b..ca778e270346 100644
> --- a/scripts/kconfig/lxdialog/inputbox.c
> +++ b/scripts/kconfig/lxdialog/inputbox.c
> @@ -40,7 +40,7 @@ int dialog_inputbox(const char *title, const char *prompt, int height, int width
> if (!init)
> instr[0] = '\0';
> else
> - strcpy(instr, init);
> + strlcpy(instr, init, MAX_LEN + 1);
oh, I am sorry for the bad recommendation. On my Debian bookworm arm64
machine (w/o libbsd0), this does not compile as strlcpy() is not
available (same as reported by kernel test robot [1]). As libbsd0 it
not a documented dependency, strlcpy() should then probably not be used
either (and Documentation/process/deprecated.rst also argues against
it).
So, keeping close to Masahiros mail [2] a few weeks ago, what about
this?
else {
strncpy(instr, init, sizeof(dialog_input_result)-1);
instr[sizeof(dialog_input_result)-1) = '\0';
}
Kind regards,
Nicolas
[1]: https://lore.kernel.org/linux-kbuild/202507270411.j9vfofzH-lkp@xxxxxxxxx/
[2]: https://lore.kernel.org/linux-kbuild/CAK7LNASH7HyQZtPjerws7K8Smn1OXeDAXODdB9VaULXiYOitQg@xxxxxxxxxxxxxx/
Attachment:
signature.asc
Description: PGP signature