
Remove all strlcpy() uses in favor of strscpy() #89

Description

@kees

The strlcpy() function is dangerous in that the source buffer length is unbounded. This can cause memory over-reads, crashes, etc. It should be entirely removed from the kernel in favor of using strscpy().

https://www.kernel.org/doc/html/latest/process/deprecated.html#strlcpy
https://lore.kernel.org/r/CAHk-=wgfRnXz0W3D37d01q3JFkr_i_uTL=V6A6G1oUZcprmknw@mail.gmail.com/

As with all of these kinds of major refactorings, the changes are best split up into any special categories of manual steps, and then any special categories of automated steps. For example, I see at least two cases for strlcpy() -> strscpy():

  • replace all cases of strlcpy()'s return value being used and figure out how to correctly deal with it, since strscpy()'s return value is quite different
  • replace all the "no return value checked" cases
  • remove API
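
The difference in source reads and return values that drives the conversion, as an added example that is not part of the original issue or the kernel source. `model_strlcpy()`, `model_strscpy()`, `src_reads` and the `truncated_*()` helpers are hypothetical userspace models of the documented semantics, run on a constructed input:

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

static size_t src_reads; /* bytes of src the last model call touched */
/* strlcpy() semantics: returns strlen(src), so src is walked to its NUL
 * however small dst is (an over-read if src is long or unterminated). */
static size_t model_strlcpy(char *dst, const char *src, size_t size)
{
	size_t len = strlen(src);
	src_reads = len + 1;
	if (size) {
		size_t n = len >= size ? size - 1 : len;
		memcpy(dst, src, n);
		dst[n] = '\0';
	}
	return len;
}

/* strscpy() semantics: touches at most size bytes of src; returns the
 * characters copied, or -E2BIG if truncated or size is 0. */
static ssize_t model_strscpy(char *dst, const char *src, size_t size)
{
	src_reads = 0;
	for (size_t i = 0; i < size; i++) {
		src_reads++;
		dst[i] = src[i];
		if (!src[i])
			return (ssize_t)i;
	}
	if (size)
		dst[size - 1] = '\0';
	return -E2BIG;
}

/* The "return value used" case: a truncation check before and after. */
static int truncated_old(char *d, const char *s, size_t n) { return model_strlcpy(d, s, n) >= n; }
static int truncated_new(char *d, const char *s, size_t n) { return model_strscpy(d, s, n) < 0; }

int main(void)
{
	char dst[8], src[64];
	memset(src, 'A', 63); src[63] = '\0'; /* constructed 63-char source */
	size_t a = model_strlcpy(dst, src, sizeof(dst));
	printf("strlcpy: ret=%zu src bytes read=%zu\n", a, src_reads);
	ssize_t b = model_strscpy(dst, src, sizeof(dst));
	printf("strscpy: ret=%zd src bytes read=%zu\n", b, src_reads);
	printf("truncated: old=%d new=%d\n", truncated_old(dst, src, 8), truncated_new(dst, src, 8));
}
```

A call site that compared the old return value against the buffer size, or used it as a length, has to be rewritten by hand, because the new return value is negative on truncation.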

Labels: [Linux] v6.8 (Released in Linux kernel v6.8), [Refactor] strcpy (Replace uses of unsafe strcpy-family functions), good first issue (Good for newcomers)
