On Mon, Mar 16, 2026 at 04:36:40PM +0000, Josh Law wrote: > On 16 March 2026 16:30:15 GMT, Andy Shevchenko <[email protected]> > wrote: > >On Mon, Mar 16, 2026 at 04:17:28PM +0000, Josh Law wrote: > >> BUG_ON() in a library function is too harsh -- it panics the kernel > >> when a caller passes a dest string whose length already meets or > >> exceeds count. This is a caller bug, not a reason to bring down the > >> entire system. > >> > >> Replace with WARN_ON_ONCE() and a safe early return. The return value > >> of count signals truncation to the caller, consistent with strlcat > >> semantics (return >= count means the output was truncated). > >> > >> This follows the guidance in include/asm-generic/bug.h which > >> explicitly discourages BUG_ON: "Don't use BUG() or BUG_ON() unless > >> there's really no way out." > > > >First of all, this doesn't really change much, especially if one uses > >panic_on_oops. > > > >Second, the entire function is kinda deprecated, it's better just to drop it. > > > >$ git grep -lw strlcat | wc -l > >142 > > > >(In reality it's less as tools and implementation are not users of it) > > > >Third, if the caller is that problematic this may lead to the serious > >(security) issues. > > > >Based on that, NAK. > > Hmm, good call, but how would I implement that? BUG_ON seems a bit too harsh > for a library function.
Drop the function. Start from converting users to strscpy() or similar (we have a few for different cases) and then drop strlcat() all for good. -- With Best Regards, Andy Shevchenko
