Re: RFC for a new string-copy function, using mixtures of strlcpy and strscpy

[Ajay Garg]

On Mon, Nov 8, 2021 at 2:04 PM Andy Shevchenko <andy.shevchenko
> >
> > For example, in file fs/kernfs/dir.c, there are methods like
> > "kernfs_name_locked", "kernfs_path_from_node_locked" which simply
> > consume the return-value without any checks.
> >
> > All the above functions have a simple motive : copy as much bytes as
> > possible in the destination buffer, and then consume/return the number
> > of bytes actually copied (minus the null-terminator byte of course).
>
> Nope. Read the comment WRT strscpy().

Seems there is a confusion.

I meant the functions "kernfs_name_locked" and others in
fs/kernfs/dir.c, that use strlcpy and then simply consume/propogate
the return-value without any checks.


>
> > If checks are to be put in-place, it would be too much code/churn,
> > adding if checks all over the place.
>
> Yep, that's why in some cases where we know that there can't be
> overflow the checks are not present. In some cases it's historically
> like this, in some cases checks might be useful and so on. But no, we
> do not need more chaos in the string functions.
>

If the client knows that overflow cannot be there, it is better to use
the simple vanilla strcpy.
Using strlcpy means that the client believes there might be case when
src-buffer might be bigger.

Again, functions like "kernfs_name_locked" and others in
fs/kernfs/dir.c demonstrate that the client cannot be sure whether the
src-buffer is small enough to be fit into the dest-buffer.


Thanks and Regards,
Ajay