LKML Archive on lore.kernel.org
help / color / mirror / Atom feed
* [PATCH v3 0/3] Remove all strcpy() uses
@ 2021-08-01  8:51 Len Baker
  2021-08-01  8:51 ` [PATCH v3 1/3] staging/fbtft: " Len Baker
                   ` (3 more replies)
  0 siblings, 4 replies; 10+ messages in thread
From: Len Baker @ 2021-08-01  8:51 UTC (permalink / raw)
  To: Greg Kroah-Hartman
  Cc: Len Baker, Andy Shevchenko, Phil Reid, Geert Uytterhoeven,
	dri-devel, linux-fbdev, linux-staging, linux-kernel

strcpy() performs no bounds checking on the destination buffer. This
could result in linear overflows beyond the end of the buffer, leading
to all kinds of misbehaviors. So, this serie removes all strcpy uses
from the "staging/fbtft" subsystem.

Also, refactor the code a bit to follow the kernel coding-style and
avoid unnecessary variable initialization.

Changelog v1 -> v2
- Add two new commits to clean the code.
- Use the "%*ph" format specifier instead of strscpy() function (Geert
  Uytterhoeven)

Changelog v2 -> v3
- Change the initialization of the "j" variable in the "for" loop and
  update the code accordingly (Andy Shevchenko).
- Improve the commit message to inform that the "%*ph" replacement
  won't cut output earlier than requested (Andy Shevchenko).
- Don't remove the braces in the "if" statement due to the presence of
  the comment (Geert Uytterhoeven).

Len Baker (3):
  staging/fbtft: Remove all strcpy() uses
  staging/fbtft: Remove unnecessary variable initialization
  staging/fbtft: Fix braces coding style

 drivers/staging/fbtft/fbtft-core.c | 23 ++++++++++-------------
 1 file changed, 10 insertions(+), 13 deletions(-)

--
2.25.1


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [PATCH v3 1/3] staging/fbtft: Remove all strcpy() uses
  2021-08-01  8:51 [PATCH v3 0/3] Remove all strcpy() uses Len Baker
@ 2021-08-01  8:51 ` Len Baker
  2021-08-01  8:51 ` [PATCH v3 2/3] staging/fbtft: Remove unnecessary variable initialization Len Baker
                   ` (2 subsequent siblings)
  3 siblings, 0 replies; 10+ messages in thread
From: Len Baker @ 2021-08-01  8:51 UTC (permalink / raw)
  To: Greg Kroah-Hartman
  Cc: Len Baker, Andy Shevchenko, Phil Reid, Geert Uytterhoeven,
	dri-devel, linux-fbdev, linux-staging, linux-kernel

strcpy() performs no bounds checking on the destination buffer. This
could result in linear overflows beyond the end of the buffer, leading
to all kinds of misbehaviors. The safe replacement is strscpy() but in
this case it is simpler to use the "%*ph" format specifier.

Moreover, with the "0x%02X " in the sprintf followed by the strcat, the
msg buffer (now removed) can print 128/5 values (25 hex values). So, the
"%*ph" replacement won't cut output earlier than requested since this
format specifier can print up to 64 bytes.

Signed-off-by: Len Baker <len.baker@gmx.com>
---
 drivers/staging/fbtft/fbtft-core.c | 17 ++++++-----------
 1 file changed, 6 insertions(+), 11 deletions(-)

diff --git a/drivers/staging/fbtft/fbtft-core.c b/drivers/staging/fbtft/fbtft-core.c
index 3723269890d5..e6286043bff7 100644
--- a/drivers/staging/fbtft/fbtft-core.c
+++ b/drivers/staging/fbtft/fbtft-core.c
@@ -992,8 +992,6 @@ static int fbtft_init_display_from_property(struct fbtft_par *par)
 int fbtft_init_display(struct fbtft_par *par)
 {
 	int buf[64];
-	char msg[128];
-	char str[16];
 	int i = 0;
 	int j;

@@ -1036,17 +1034,14 @@ int fbtft_init_display(struct fbtft_par *par)
 		switch (par->init_sequence[i]) {
 		case -1:
 			i++;
+
 			/* make debug message */
-			strcpy(msg, "");
-			j = i + 1;
-			while (par->init_sequence[j] >= 0) {
-				sprintf(str, "0x%02X ", par->init_sequence[j]);
-				strcat(msg, str);
-				j++;
-			}
+			for (j = 0; par->init_sequence[i + 1 + j] >= 0; j++);
+
 			fbtft_par_dbg(DEBUG_INIT_DISPLAY, par,
-				      "init: write(0x%02X) %s\n",
-				      par->init_sequence[i], msg);
+				      "init: write(0x%02X) %*ph\n",
+				      par->init_sequence[i], j,
+				      &par->init_sequence[i + 1]);

 			/* Write */
 			j = 0;
--
2.25.1


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [PATCH v3 2/3] staging/fbtft: Remove unnecessary variable initialization
  2021-08-01  8:51 [PATCH v3 0/3] Remove all strcpy() uses Len Baker
  2021-08-01  8:51 ` [PATCH v3 1/3] staging/fbtft: " Len Baker
@ 2021-08-01  8:51 ` Len Baker
  2021-08-01  8:51 ` [PATCH v3 3/3] staging/fbtft: Fix braces coding style Len Baker
  2021-08-01 11:40 ` [PATCH v3 0/3] Remove all strcpy() uses Andy Shevchenko
  3 siblings, 0 replies; 10+ messages in thread
From: Len Baker @ 2021-08-01  8:51 UTC (permalink / raw)
  To: Greg Kroah-Hartman
  Cc: Len Baker, Andy Shevchenko, Phil Reid, Geert Uytterhoeven,
	dri-devel, linux-fbdev, linux-staging, linux-kernel

Remove the initialization of the variable "i" since it is written a few
lines later.

Signed-off-by: Len Baker <len.baker@gmx.com>
---
 drivers/staging/fbtft/fbtft-core.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/staging/fbtft/fbtft-core.c b/drivers/staging/fbtft/fbtft-core.c
index e6286043bff7..ed896049118c 100644
--- a/drivers/staging/fbtft/fbtft-core.c
+++ b/drivers/staging/fbtft/fbtft-core.c
@@ -992,7 +992,7 @@ static int fbtft_init_display_from_property(struct fbtft_par *par)
 int fbtft_init_display(struct fbtft_par *par)
 {
 	int buf[64];
-	int i = 0;
+	int i;
 	int j;

 	/* sanity check */
--
2.25.1


^ permalink raw reply	[flat|nested] 10+ messages in thread

* [PATCH v3 3/3] staging/fbtft: Fix braces coding style
  2021-08-01  8:51 [PATCH v3 0/3] Remove all strcpy() uses Len Baker
  2021-08-01  8:51 ` [PATCH v3 1/3] staging/fbtft: " Len Baker
  2021-08-01  8:51 ` [PATCH v3 2/3] staging/fbtft: Remove unnecessary variable initialization Len Baker
@ 2021-08-01  8:51 ` Len Baker
  2021-08-01 11:40 ` [PATCH v3 0/3] Remove all strcpy() uses Andy Shevchenko
  3 siblings, 0 replies; 10+ messages in thread
From: Len Baker @ 2021-08-01  8:51 UTC (permalink / raw)
  To: Greg Kroah-Hartman
  Cc: Len Baker, Andy Shevchenko, Phil Reid, Geert Uytterhoeven,
	dri-devel, linux-fbdev, linux-staging, linux-kernel

Add braces to the "for" loop. This way, the kernel coding style is
followed.

Signed-off-by: Len Baker <len.baker@gmx.com>
---
 drivers/staging/fbtft/fbtft-core.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/drivers/staging/fbtft/fbtft-core.c b/drivers/staging/fbtft/fbtft-core.c
index ed896049118c..ed992ca605eb 100644
--- a/drivers/staging/fbtft/fbtft-core.c
+++ b/drivers/staging/fbtft/fbtft-core.c
@@ -1003,9 +1003,11 @@ int fbtft_init_display(struct fbtft_par *par)
 	}

 	/* make sure stop marker exists */
-	for (i = 0; i < FBTFT_MAX_INIT_SEQUENCE; i++)
+	for (i = 0; i < FBTFT_MAX_INIT_SEQUENCE; i++) {
 		if (par->init_sequence[i] == -3)
 			break;
+	}
+
 	if (i == FBTFT_MAX_INIT_SEQUENCE) {
 		dev_err(par->info->device,
 			"missing stop marker at end of init sequence\n");
--
2.25.1


^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH v3 0/3] Remove all strcpy() uses
  2021-08-01  8:51 [PATCH v3 0/3] Remove all strcpy() uses Len Baker
                   ` (2 preceding siblings ...)
  2021-08-01  8:51 ` [PATCH v3 3/3] staging/fbtft: Fix braces coding style Len Baker
@ 2021-08-01 11:40 ` Andy Shevchenko
  2021-08-01 13:34   ` Len Baker
  2021-08-05 11:18   ` Greg Kroah-Hartman
  3 siblings, 2 replies; 10+ messages in thread
From: Andy Shevchenko @ 2021-08-01 11:40 UTC (permalink / raw)
  To: Len Baker
  Cc: Greg Kroah-Hartman, Andy Shevchenko, Phil Reid,
	Geert Uytterhoeven, dri-devel, open list:FRAMEBUFFER LAYER,
	linux-staging, Linux Kernel Mailing List

On Sun, Aug 1, 2021 at 11:53 AM Len Baker <len.baker@gmx.com> wrote:
>
> strcpy() performs no bounds checking on the destination buffer. This
> could result in linear overflows beyond the end of the buffer, leading
> to all kinds of misbehaviors. So, this serie removes all strcpy uses
> from the "staging/fbtft" subsystem.
>
> Also, refactor the code a bit to follow the kernel coding-style and
> avoid unnecessary variable initialization.

I don't see patch 3 (even on lore.kernel.org).

Greg, Geert, does it make sense to move this driver outside of staging?
I would volunteer to maintain it there.

> Changelog v1 -> v2
> - Add two new commits to clean the code.
> - Use the "%*ph" format specifier instead of strscpy() function (Geert
>   Uytterhoeven)
>
> Changelog v2 -> v3
> - Change the initialization of the "j" variable in the "for" loop and
>   update the code accordingly (Andy Shevchenko).
> - Improve the commit message to inform that the "%*ph" replacement
>   won't cut output earlier than requested (Andy Shevchenko).
> - Don't remove the braces in the "if" statement due to the presence of
>   the comment (Geert Uytterhoeven).
>
> Len Baker (3):
>   staging/fbtft: Remove all strcpy() uses
>   staging/fbtft: Remove unnecessary variable initialization
>   staging/fbtft: Fix braces coding style
>
>  drivers/staging/fbtft/fbtft-core.c | 23 ++++++++++-------------
>  1 file changed, 10 insertions(+), 13 deletions(-)
>
> --
> 2.25.1
>


-- 
With Best Regards,
Andy Shevchenko

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH v3 0/3] Remove all strcpy() uses
  2021-08-01 11:40 ` [PATCH v3 0/3] Remove all strcpy() uses Andy Shevchenko
@ 2021-08-01 13:34   ` Len Baker
  2021-08-05 11:18   ` Greg Kroah-Hartman
  1 sibling, 0 replies; 10+ messages in thread
From: Len Baker @ 2021-08-01 13:34 UTC (permalink / raw)
  To: Andy Shevchenko
  Cc: Len Baker, Greg Kroah-Hartman, Phil Reid, Geert Uytterhoeven,
	dri-devel, open list:FRAMEBUFFER LAYER, linux-staging,
	Linux Kernel Mailing List

Hi Andy,

On Sun, Aug 01, 2021 at 02:40:40PM +0300, Andy Shevchenko wrote:
> On Sun, Aug 1, 2021 at 11:53 AM Len Baker <len.baker@gmx.com> wrote:
> >
> > strcpy() performs no bounds checking on the destination buffer. This
> > could result in linear overflows beyond the end of the buffer, leading
> > to all kinds of misbehaviors. So, this serie removes all strcpy uses
> > from the "staging/fbtft" subsystem.
> >
> > Also, refactor the code a bit to follow the kernel coding-style and
> > avoid unnecessary variable initialization.
>
> I don't see patch 3 (even on lore.kernel.org).

Due to my email provider restrictions (number of emails per hour), I
need to send an email every x time.

Regards,
Len

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH v3 0/3] Remove all strcpy() uses
  2021-08-01 11:40 ` [PATCH v3 0/3] Remove all strcpy() uses Andy Shevchenko
  2021-08-01 13:34   ` Len Baker
@ 2021-08-05 11:18   ` Greg Kroah-Hartman
  2021-08-05 11:30     ` Andy Shevchenko
  1 sibling, 1 reply; 10+ messages in thread
From: Greg Kroah-Hartman @ 2021-08-05 11:18 UTC (permalink / raw)
  To: Andy Shevchenko
  Cc: Len Baker, Andy Shevchenko, Phil Reid, Geert Uytterhoeven,
	dri-devel, open list:FRAMEBUFFER LAYER, linux-staging,
	Linux Kernel Mailing List

On Sun, Aug 01, 2021 at 02:40:40PM +0300, Andy Shevchenko wrote:
> On Sun, Aug 1, 2021 at 11:53 AM Len Baker <len.baker@gmx.com> wrote:
> >
> > strcpy() performs no bounds checking on the destination buffer. This
> > could result in linear overflows beyond the end of the buffer, leading
> > to all kinds of misbehaviors. So, this serie removes all strcpy uses
> > from the "staging/fbtft" subsystem.
> >
> > Also, refactor the code a bit to follow the kernel coding-style and
> > avoid unnecessary variable initialization.
> 
> I don't see patch 3 (even on lore.kernel.org).
> 
> Greg, Geert, does it make sense to move this driver outside of staging?

If you clean up everything that needs to be done, yes, please do.

thanks,

greg k-h

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH v3 0/3] Remove all strcpy() uses
  2021-08-05 11:18   ` Greg Kroah-Hartman
@ 2021-08-05 11:30     ` Andy Shevchenko
  2021-08-05 11:38       ` Greg Kroah-Hartman
  0 siblings, 1 reply; 10+ messages in thread
From: Andy Shevchenko @ 2021-08-05 11:30 UTC (permalink / raw)
  To: Greg Kroah-Hartman
  Cc: Len Baker, Andy Shevchenko, Phil Reid, Geert Uytterhoeven,
	dri-devel, open list:FRAMEBUFFER LAYER, linux-staging,
	Linux Kernel Mailing List

On Thu, Aug 5, 2021 at 2:18 PM Greg Kroah-Hartman
<gregkh@linuxfoundation.org> wrote:
> On Sun, Aug 01, 2021 at 02:40:40PM +0300, Andy Shevchenko wrote:
> > On Sun, Aug 1, 2021 at 11:53 AM Len Baker <len.baker@gmx.com> wrote:
> > >
> > > strcpy() performs no bounds checking on the destination buffer. This
> > > could result in linear overflows beyond the end of the buffer, leading
> > > to all kinds of misbehaviors. So, this serie removes all strcpy uses
> > > from the "staging/fbtft" subsystem.
> > >
> > > Also, refactor the code a bit to follow the kernel coding-style and
> > > avoid unnecessary variable initialization.
> >
> > I don't see patch 3 (even on lore.kernel.org).
> >
> > Greg, Geert, does it make sense to move this driver outside of staging?
>
> If you clean up everything that needs to be done, yes, please do.

Do we have a clear TODO for that?

The current one has the item which is not feasible to achieve in
reasonable time. Some of those drivers won't be converted to tiny DRM.
So the idea is to keep this out of staging in the maintenance phase
(as it currently states, i.e. no new drivers accepted).  For the rest
I'm not sure what else can be done (checkpatch? coccinelle?).
Actually the first sentence in this paragraph is a motivation for
moving out of staging.

-- 
With Best Regards,
Andy Shevchenko

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH v3 0/3] Remove all strcpy() uses
  2021-08-05 11:30     ` Andy Shevchenko
@ 2021-08-05 11:38       ` Greg Kroah-Hartman
  2021-08-05 11:52         ` Andy Shevchenko
  0 siblings, 1 reply; 10+ messages in thread
From: Greg Kroah-Hartman @ 2021-08-05 11:38 UTC (permalink / raw)
  To: Andy Shevchenko
  Cc: Len Baker, Andy Shevchenko, Phil Reid, Geert Uytterhoeven,
	dri-devel, open list:FRAMEBUFFER LAYER, linux-staging,
	Linux Kernel Mailing List

On Thu, Aug 05, 2021 at 02:30:35PM +0300, Andy Shevchenko wrote:
> On Thu, Aug 5, 2021 at 2:18 PM Greg Kroah-Hartman
> <gregkh@linuxfoundation.org> wrote:
> > On Sun, Aug 01, 2021 at 02:40:40PM +0300, Andy Shevchenko wrote:
> > > On Sun, Aug 1, 2021 at 11:53 AM Len Baker <len.baker@gmx.com> wrote:
> > > >
> > > > strcpy() performs no bounds checking on the destination buffer. This
> > > > could result in linear overflows beyond the end of the buffer, leading
> > > > to all kinds of misbehaviors. So, this serie removes all strcpy uses
> > > > from the "staging/fbtft" subsystem.
> > > >
> > > > Also, refactor the code a bit to follow the kernel coding-style and
> > > > avoid unnecessary variable initialization.
> > >
> > > I don't see patch 3 (even on lore.kernel.org).
> > >
> > > Greg, Geert, does it make sense to move this driver outside of staging?
> >
> > If you clean up everything that needs to be done, yes, please do.
> 
> Do we have a clear TODO for that?
> 
> The current one has the item which is not feasible to achieve in
> reasonable time. Some of those drivers won't be converted to tiny DRM.
> So the idea is to keep this out of staging in the maintenance phase
> (as it currently states, i.e. no new drivers accepted).  For the rest
> I'm not sure what else can be done (checkpatch? coccinelle?).
> Actually the first sentence in this paragraph is a motivation for
> moving out of staging.

Take it up with the DRM developers/maintainers.  If they approve for
this to move out of staging without being converted over to use tiny
DRM, then I am fine to move it out.

thnks,

greg k-h

^ permalink raw reply	[flat|nested] 10+ messages in thread

* Re: [PATCH v3 0/3] Remove all strcpy() uses
  2021-08-05 11:38       ` Greg Kroah-Hartman
@ 2021-08-05 11:52         ` Andy Shevchenko
  0 siblings, 0 replies; 10+ messages in thread
From: Andy Shevchenko @ 2021-08-05 11:52 UTC (permalink / raw)
  To: Greg Kroah-Hartman, Daniel Vetter, David Airlie, Noralf Trønnes
  Cc: Len Baker, Andy Shevchenko, Phil Reid, Geert Uytterhoeven,
	dri-devel, open list:FRAMEBUFFER LAYER, linux-staging,
	Linux Kernel Mailing List

+Cc: David, Daniel, Noralf.

The idea is to move fbtft under drivers/fbdev on the same terms, i.e.
no acceptance of the new drivers there.
The rationale is that for some of the panels it (fbtft) will be the
only driver and nobody will convert it to tiny DRM.
See more below.

On Thu, Aug 5, 2021 at 2:38 PM Greg Kroah-Hartman
<gregkh@linuxfoundation.org> wrote:
> On Thu, Aug 05, 2021 at 02:30:35PM +0300, Andy Shevchenko wrote:
> > On Thu, Aug 5, 2021 at 2:18 PM Greg Kroah-Hartman
> > <gregkh@linuxfoundation.org> wrote:
> > > On Sun, Aug 01, 2021 at 02:40:40PM +0300, Andy Shevchenko wrote:
> > > > On Sun, Aug 1, 2021 at 11:53 AM Len Baker <len.baker@gmx.com> wrote:
> > > > >
> > > > > strcpy() performs no bounds checking on the destination buffer. This
> > > > > could result in linear overflows beyond the end of the buffer, leading
> > > > > to all kinds of misbehaviors. So, this serie removes all strcpy uses
> > > > > from the "staging/fbtft" subsystem.
> > > > >
> > > > > Also, refactor the code a bit to follow the kernel coding-style and
> > > > > avoid unnecessary variable initialization.
> > > >
> > > > I don't see patch 3 (even on lore.kernel.org).
> > > >
> > > > Greg, Geert, does it make sense to move this driver outside of staging?
> > >
> > > If you clean up everything that needs to be done, yes, please do.
> >
> > Do we have a clear TODO for that?
> >
> > The current one has the item which is not feasible to achieve in
> > reasonable time. Some of those drivers won't be converted to tiny DRM.
> > So the idea is to keep this out of staging in the maintenance phase
> > (as it currently states, i.e. no new drivers accepted).  For the rest
> > I'm not sure what else can be done (checkpatch? coccinelle?).
> > Actually the first sentence in this paragraph is a motivation for
> > moving out of staging.
>
> Take it up with the DRM developers/maintainers.  If they approve for
> this to move out of staging without being converted over to use tiny
> DRM, then I am fine to move it out.

Got it.  Cc'ed this to corresponding people.

-- 
With Best Regards,
Andy Shevchenko

^ permalink raw reply	[flat|nested] 10+ messages in thread

end of thread, other threads:[~2021-08-05 11:52 UTC | newest]

Thread overview: 10+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-01  8:51 [PATCH v3 0/3] Remove all strcpy() uses Len Baker
2021-08-01  8:51 ` [PATCH v3 1/3] staging/fbtft: " Len Baker
2021-08-01  8:51 ` [PATCH v3 2/3] staging/fbtft: Remove unnecessary variable initialization Len Baker
2021-08-01  8:51 ` [PATCH v3 3/3] staging/fbtft: Fix braces coding style Len Baker
2021-08-01 11:40 ` [PATCH v3 0/3] Remove all strcpy() uses Andy Shevchenko
2021-08-01 13:34   ` Len Baker
2021-08-05 11:18   ` Greg Kroah-Hartman
2021-08-05 11:30     ` Andy Shevchenko
2021-08-05 11:38       ` Greg Kroah-Hartman
2021-08-05 11:52         ` Andy Shevchenko

This is a public inbox, see mirroring instructions
on how to clone and mirror all data and code used for this inbox