public inbox for linux-hardening@vger.kernel.org
 help / color / mirror / Atom feed
* [PATCH] lib/string: rewrite strlcat() to use sized_strscpy()
@ 2026-03-16 16:49 Josh Law
  2026-03-16 16:53 ` Andy Shevchenko
  0 siblings, 1 reply; 2+ messages in thread
From: Josh Law @ 2026-03-16 16:49 UTC (permalink / raw)
  To: kees, akpm; +Cc: andy, linux-hardening, linux-kernel, Josh Law

Replace the hand-rolled copy logic and BUG_ON() in strlcat() with a
call to sized_strscpy(). This removes the kernel panic on caller
misuse (dsize >= count) and instead returns a truncation indicator
consistent with BSD strlcat semantics.

strlcat() is deprecated and callers should be converted to strscpy()
or similar bounded interfaces.

Signed-off-by: Josh Law <objecting@objecting.org>
---
 lib/string.c | 15 +++++----------
 1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/lib/string.c b/lib/string.c
index b632c71df1a5..414016f8a6a6 100644
--- a/lib/string.c
+++ b/lib/string.c
@@ -253,18 +253,13 @@ size_t strlcat(char *dest, const char *src, size_t count)
 {
 	size_t dsize = strlen(dest);
 	size_t len = strlen(src);
-	size_t res = dsize + len;
 
-	/* This would be a bug */
-	BUG_ON(dsize >= count);
+	if (dsize >= count)
+		return count + len;
 
-	dest += dsize;
-	count -= dsize;
-	if (len >= count)
-		len = count-1;
-	__builtin_memcpy(dest, src, len);
-	dest[len] = 0;
-	return res;
+	sized_strscpy(dest + dsize, src, count - dsize);
+
+	return dsize + len;
 }
 EXPORT_SYMBOL(strlcat);
 #endif
-- 
2.34.1


^ permalink raw reply related	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2026-03-16 16:53 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2026-03-16 16:49 [PATCH] lib/string: rewrite strlcat() to use sized_strscpy() Josh Law
2026-03-16 16:53 ` Andy Shevchenko

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox