diff options
| author | Kees Cook <kees@kernel.org> | 2026-03-23 04:27:25 +0300 |
|---|---|---|
| committer | Kees Cook <kees@kernel.org> | 2026-06-19 02:39:31 +0300 |
| commit | 079a028d6327e68cfa5d38b36123637b321c19a7 (patch) | |
| tree | d6bed2ef9b0f5969d1105f010d8b4a8804a13f61 /include/linux/string.h | |
| parent | 58c4ce8cd6cd1fbf1bca2e1d1f42f9e2899fa934 (diff) | |
| download | linux-079a028d6327e68cfa5d38b36123637b321c19a7.tar.xz | |
string: Remove strncpy() from the kernel
strncpy() has been a persistent source of bugs due to its ambiguous
intended usage and frequently counter-intuitive semantics: it may not
NUL-terminate the destination, and it unconditionally zero-pads to the
full length, which isn't always needed. All former callers have been
migrated[1] to:
- strscpy() for NUL-terminated destinations
- strscpy_pad() for NUL-terminated destinations needing zero-padding
- strtomem_pad() for non-NUL-terminated fixed-width fields
- memcpy_and_pad() for bounded copies with explicit padding
- memcpy() for known-length copies
Remove the generic implementation, its declaration, the FORTIFY_SOURCE
wrapper, and associated tests.
Link: https://github.com/KSPP/linux/issues/90 [1]
Signed-off-by: Kees Cook <kees@kernel.org>
Diffstat (limited to 'include/linux/string.h')
| -rw-r--r-- | include/linux/string.h | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/include/linux/string.h b/include/linux/string.h index b850bd91b3d8..5702daca4326 100644 --- a/include/linux/string.h +++ b/include/linux/string.h @@ -67,9 +67,6 @@ void *vmemdup_array_user(const void __user *src, size_t n, size_t size) #ifndef __HAVE_ARCH_STRCPY extern char * strcpy(char *,const char *); #endif -#ifndef __HAVE_ARCH_STRNCPY -extern char * strncpy(char *,const char *, __kernel_size_t); -#endif ssize_t sized_strscpy(char *, const char *, size_t); /* |