On Thu, Jan 15, 2026 at 18:26, Wander Lairson Costa <[email protected]> wrote:
>
> Introduce a userspace strscpy() implementation that matches the Linux
> kernel's strscpy() semantics. The function is built on top of glibc's
> strlcpy() and provides guaranteed NUL-termination along with proper
> truncation detection through its return value.
>
> The previous strncpy() calls had potential issues: strncpy() does not
> guarantee NUL-termination when the source string length equals or
> exceeds the destination buffer size. This required defensive patterns
> like pre-zeroing buffers or manually setting the last byte to NUL.
> The new strscpy() function always NUL-terminates the destination buffer
> unless the size is zero, and returns -E2BIG on truncation, making error
> handling cleaner and more consistent with kernel code.
>
> Note that unlike the kernel's strscpy(), this implementation uses
> strlcpy() internally, which reads the entire source string to determine
> its length. The kernel avoids this to prevent potential DoS attacks from
> extremely long untrusted strings. This is harmless for a userspace CLI
> tool like rtla where input sources are bounded and trusted.
>

strlcpy() was only added in glibc 2.38 [1]. It is thus not available on
systems with older glibc, like RHEL 9. Using it for the strscpy()
implementation causes RTLA to fail to build on those systems.

[1] https://www.gnu.org/software/gnulib/manual/html_node/strlcpy.html

> Replace all strncpy() calls in rtla with strscpy(), using sizeof() for
> buffer sizes instead of magic constants to ensure the sizes stay in
> sync with the actual buffer declarations. Also remove a now-redundant
> memset() call that was previously needed to work around strncpy()
> behavior.
>
> Signed-off-by: Wander Lairson Costa <[email protected]>
> ---
> tools/tracing/rtla/src/timerlat_aa.c | 6 ++---
> tools/tracing/rtla/src/utils.c | 34 ++++++++++++++++++++++++++--
> tools/tracing/rtla/src/utils.h | 1 +
> 3 files changed, 36 insertions(+), 5 deletions(-)
>

Tomas
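
The semantics described in the quoted commit message (NUL-terminated unless the size is zero, -E2BIG on truncation) do not require strlcpy(), and so do not require glibc 2.38. The sketch below is an added example, not part of this thread or of the rtla patch; it goes slightly beyond the strlcpy()-based approach by using memchr() so that at most size bytes of the source are read. The names example_strscpy(), strncpy_terminated() and demo_buf are hypothetical.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

static char demo_buf[8];	/* constructed sample destination */

/*
 * example_strscpy(): hypothetical name, not rtla's function.
 * Returns bytes copied (excluding the NUL), or -E2BIG when size is 0
 * or src did not fit. dst is NUL-terminated whenever size > 0.
 */
static ssize_t example_strscpy(char *dst, const char *src, size_t size)
{
	const char *nul;

	if (size == 0)
		return -E2BIG;

	/* Search only the first size bytes, so a huge src is never walked. */
	nul = memchr(src, '\0', size);
	if (nul) {
		memcpy(dst, src, (size_t)(nul - src) + 1);
		return nul - src;
	}

	/* No terminator in range: keep size - 1 bytes and terminate. */
	memcpy(dst, src, size - 1);
	dst[size - 1] = '\0';
	return -E2BIG;
}

/* strncpy() for contrast: returns 1 only if dst ended up NUL-terminated. */
static int strncpy_terminated(char *dst, const char *src, size_t size)
{
	strncpy(dst, src, size);
	return memchr(dst, '\0', size) != NULL;
}

int main(void)
{
	printf("fits:      %zd\n", example_strscpy(demo_buf, "abc", sizeof(demo_buf)));
	printf("truncated: %zd \"%s\"\n",
	       example_strscpy(demo_buf, "0123456789", sizeof(demo_buf)), demo_buf);
	printf("strncpy terminated: %d\n",
	       strncpy_terminated(demo_buf, "12345678", sizeof(demo_buf)));
	return 0;
}
```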
