[PATCH] tools: include: add proper strscpy() declaration

[PATCH] tools: include: add proper strscpy() declaration

[Lucas Poupeau]

Remove the macro hack and add a proper implementation in tools/lib/string.c.
This avoids unsafe strcpy usage when strscpy is expected and fixes
potential compilation warnings regarding str_error_r.

Fixes: 9e3d665 ("memblock test: fix implicit declaration of function 'strscpy'")
Suggested-by: Maxwell Doose <m32285159@gmail.com>
Reviewed-by: Wei Yang <richard.weiyang@gmail.com>
Signed-off-by: Lucas Poupeau <lucasp.linux@gmail.com>
---
 tools/include/linux/string.h | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/include/linux/string.h b/tools/include/linux/string.h
index 51ad3cf4fa82..d6e53109e786 100644
--- a/tools/include/linux/string.h
+++ b/tools/include/linux/string.h
@@ -12,7 +12,7 @@ void argv_free(char **argv);
 
 int strtobool(const char *s, bool *res);
 
-#define strscpy strcpy
+ssize_t strscpy(char *dest, const char *src, size_t count);
 
 /*
  * glibc based builds needs the extern while uClibc doesn't.
-- 
2.54.0

Re: [PATCH] tools: include: add proper strscpy() declaration

[Maxwell Doose]

On Wed, May 6, 2026 at 11:34 AM Lucas Poupeau <lucasp.linux@gmail.com> wrote:
>
> Remove the macro hack and add a proper implementation in tools/lib/string.c.
> This avoids unsafe strcpy usage when strscpy is expected and fixes
> potential compilation warnings regarding str_error_r.
>
> Fixes: 9e3d665 ("memblock test: fix implicit declaration of function 'strscpy'")
> Suggested-by: Maxwell Doose <m32285159@gmail.com>
> Reviewed-by: Wei Yang <richard.weiyang@gmail.com>
> Signed-off-by: Lucas Poupeau <lucasp.linux@gmail.com>
> ---
>  tools/include/linux/string.h | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/include/linux/string.h b/tools/include/linux/string.h
> index 51ad3cf4fa82..d6e53109e786 100644
> --- a/tools/include/linux/string.h
> +++ b/tools/include/linux/string.h
> @@ -12,7 +12,7 @@ void argv_free(char **argv);
>
>  int strtobool(const char *s, bool *res);
>
> -#define strscpy strcpy
> +ssize_t strscpy(char *dest, const char *src, size_t count);
>
>  /*
>   * glibc based builds needs the extern while uClibc doesn't.
> --
> 2.54.0
>

Should be v2; please remark and add changelog.

best regards,
max

Re: [PATCH] tools: include: add proper strscpy() declaration

[Wei Yang]

On Wed, May 06, 2026 at 06:34:52PM +0200, Lucas Poupeau wrote:
>Remove the macro hack and add a proper implementation in tools/lib/string.c.
>This avoids unsafe strcpy usage when strscpy is expected and fixes
>potential compilation warnings regarding str_error_r.
>
>Fixes: 9e3d665 ("memblock test: fix implicit declaration of function 'strscpy'")

The Fixes tag seems not necessary.

>Suggested-by: Maxwell Doose <m32285159@gmail.com>
>Reviewed-by: Wei Yang <richard.weiyang@gmail.com>

Hmm... I didn't see your change before, so I can't reviewed yet.

It is not proper to add RB by yourself.

>Signed-off-by: Lucas Poupeau <lucasp.linux@gmail.com>
>---
> tools/include/linux/string.h | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
>diff --git a/tools/include/linux/string.h b/tools/include/linux/string.h
>index 51ad3cf4fa82..d6e53109e786 100644
>--- a/tools/include/linux/string.h
>+++ b/tools/include/linux/string.h
>@@ -12,7 +12,7 @@ void argv_free(char **argv);
> 
> int strtobool(const char *s, bool *res);
> 
>-#define strscpy strcpy
>+ssize_t strscpy(char *dest, const char *src, size_t count);
> 

You mean add proper implementation, but this is just a declaration.
Where is the definition in tools/lib/string.c? Something is missed?

After applying your patch, I got this when build tools/testing/memblock.


memblock.c: In function ‘reserved_mem_add’:
memblock.c:2464:9: error: too few arguments to function ‘strscpy’
 2464 |         strscpy(map->name, name);
      |         ^~~~~~~
In file included from ./linux/kernel.h:11,
                 from memblock.c:9:
../../include/linux/string.h:16:9: note: declared here
   16 | ssize_t strscpy(char *dest, const char *src, size_t count);
      |         ^~~~~~~
make: *** [<builtin>: memblock.o] Error 1

> /*
>  * glibc based builds needs the extern while uClibc doesn't.
>-- 
>2.54.0

-- 
Wei Yang
Help you, Help me

Re: [PATCH] tools: include: add proper strscpy() declaration

[Maxwell Doose]

On Wed, May 6, 2026 at 9:42 PM Wei Yang <richard.weiyang@gmail.com> wrote:
>
> On Wed, May 06, 2026 at 06:34:52PM +0200, Lucas Poupeau wrote:
> >Remove the macro hack and add a proper implementation in tools/lib/string.c.
> >This avoids unsafe strcpy usage when strscpy is expected and fixes
> >potential compilation warnings regarding str_error_r.
> >
> >Fixes: 9e3d665 ("memblock test: fix implicit declaration of function 'strscpy'")
>
> The Fixes tag seems not necessary.
>

Perhaps...let's get rid of that.

>
> >Suggested-by: Maxwell Doose <m32285159@gmail.com>
> >Reviewed-by: Wei Yang <richard.weiyang@gmail.com>
>
> Hmm... I didn't see your change before, so I can't reviewed yet.
>
> It is not proper to add RB by yourself.

No clue how this got added. Lucas, please remove this tag, as Wei
didn't give an RB.

>
> >Signed-off-by: Lucas Poupeau <lucasp.linux@gmail.com>
>

Lucas, make sure you add the changes Wei asked for as well.

>
> >---
> > tools/include/linux/string.h | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> >diff --git a/tools/include/linux/string.h b/tools/include/linux/string.h
> >index 51ad3cf4fa82..d6e53109e786 100644
> >--- a/tools/include/linux/string.h
> >+++ b/tools/include/linux/string.h
> >@@ -12,7 +12,7 @@ void argv_free(char **argv);
> >
> > int strtobool(const char *s, bool *res);
> >
> >-#define strscpy strcpy
> >+ssize_t strscpy(char *dest, const char *src, size_t count);
> >
>
> You mean add proper implementation, but this is just a declaration.
> Where is the definition in tools/lib/string.c? Something is missed?
>
> After applying your patch, I got this when build tools/testing/memblock.
>
>
> memblock.c: In function ‘reserved_mem_add’:
> memblock.c:2464:9: error: too few arguments to function ‘strscpy’
>  2464 |         strscpy(map->name, name);
>       |         ^~~~~~~
> In file included from ./linux/kernel.h:11,
>                  from memblock.c:9:
> ../../include/linux/string.h:16:9: note: declared here
>    16 | ssize_t strscpy(char *dest, const char *src, size_t count);
>       |         ^~~~~~~
> make: *** [<builtin>: memblock.o] Error 1
>

Ah...seems like a signature mismatch. Too bad testing/memblock is
reliant on this crap macro now... Lucas, make sure when you're testing
this that you build the ENTIRE kernel, since there may be hidden
dependencies like this.

best regards,
max



> > /*
> >  * glibc based builds needs the extern while uClibc doesn't.
> >--
> >2.54.0
>
> --
> Wei Yang
> Help you, Help me

[PATCH] tools: include: add proper strscpy() declaration

[Lucas Poupeau]

Currently, strscpy() is defined as a macro for strcpy() in the tools
headers. This is unsafe and prevents using the real strscpy() logic
that provides better buffer overflow protection.

Remove the macro hack and add a proper extern declaration for
strscpy(). This allows tools to use the safer string copying API
once the implementation is provided.

Suggested-by: Maxwell Doose <m32285159@gmail.com>
Signed-off-by: Lucas Poupeau <lucasp.linux@gmail.com>
---
 tools/include/linux/string.h |  5 ++++-
 tools/lib/string.c           | 37 ++++++++++++++++++++++++++++++++++++
 2 files changed, 41 insertions(+), 1 deletion(-)

diff --git a/tools/include/linux/string.h b/tools/include/linux/string.h
index 51ad3cf4fa82..4f3547d0cd84 100644
--- a/tools/include/linux/string.h
+++ b/tools/include/linux/string.h
@@ -12,7 +12,6 @@ void argv_free(char **argv);
 
 int strtobool(const char *s, bool *res);
 
-#define strscpy strcpy
 
 /*
  * glibc based builds needs the extern while uClibc doesn't.
@@ -30,6 +29,10 @@ extern size_t strlcpy(char *dest, const char *src, size_t size);
 #endif
 #endif
 
+extern ssize_t strscpy(char *dest, const char *src, size_t count);
+
+char *str_error_r(int errnum, char *buf, size_t buflen);
+
 char *str_error_r(int errnum, char *buf, size_t buflen);
 
 char *strreplace(char *s, char old, char new);
diff --git a/tools/lib/string.c b/tools/lib/string.c
index 3126d2cff716..12fabbe583cf 100644
--- a/tools/lib/string.c
+++ b/tools/lib/string.c
@@ -36,6 +36,43 @@ void *memdup(const void *src, size_t len)
 	return p;
 }
 
+/**
+ * strscpy - Copy a C-string into a sized buffer
+ * @dest: Where to copy the string to
+ * @src: Where to copy the string from
+ * @count: Size of destination buffer
+ *
+ * Copy the source string to the destination buffer. The result is
+ * always a valid NUL-terminated string that fits in the buffer.
+ *
+ * Return:
+ * * The number of characters copied (not including the trailing NUL)
+ * * -E2BIG if count is 0 or @src was truncated.
+ */
+ssize_t strscpy(char *dest, const char *src, size_t count)
+{
+	size_t res = 0;
+
+	if (count == 0)
+		return -E2BIG;
+
+	while (count) {
+		char c = src[res];
+
+		dest[res] = c;
+		if (!c)
+			return res;
+		res++;
+		count--;
+	}
+
+	/* Hit buffer length without finding a NUL; force NUL-termination. */
+	if (res)
+		dest[res-1] = '\0';
+
+	return -E2BIG;
+}
+
 /**
  * strtobool - convert common user inputs into boolean values
  * @s: input string
-- 
2.54.0

Re: [PATCH] tools: include: add proper strscpy() declaration

[Maxwell Doose]

On Mon, May 4, 2026 at 4:23 PM Lucas Poupeau <lucasp.linux@gmail.com> wrote:
>
> Currently, strscpy() is defined as a macro for strcpy() in the tools
> headers. This is unsafe and prevents using the real strscpy() logic
> that provides better buffer overflow protection.
>
> Remove the macro hack and add a proper extern declaration for
> strscpy(). This allows tools to use the safer string copying API
> once the implementation is provided.
>
> Suggested-by: Maxwell Doose <m32285159@gmail.com>
> Signed-off-by: Lucas Poupeau <lucasp.linux@gmail.com>
>
[snip]
>
> +extern ssize_t strscpy(char *dest, const char *src, size_t count);
> +
> +char *str_error_r(int errnum, char *buf, size_t buflen);
> +
>  char *str_error_r(int errnum, char *buf, size_t buflen);
>

Looks like you have a duplicate definition here.

best regards,
max




>
>  char *strreplace(char *s, char old, char new);
> diff --git a/tools/lib/string.c b/tools/lib/string.c
> index 3126d2cff716..12fabbe583cf 100644
> --- a/tools/lib/string.c
> +++ b/tools/lib/string.c
> @@ -36,6 +36,43 @@ void *memdup(const void *src, size_t len)
>         return p;
>  }
>
> +/**
> + * strscpy - Copy a C-string into a sized buffer
> + * @dest: Where to copy the string to
> + * @src: Where to copy the string from
> + * @count: Size of destination buffer
> + *
> + * Copy the source string to the destination buffer. The result is
> + * always a valid NUL-terminated string that fits in the buffer.
> + *
> + * Return:
> + * * The number of characters copied (not including the trailing NUL)
> + * * -E2BIG if count is 0 or @src was truncated.
> + */
> +ssize_t strscpy(char *dest, const char *src, size_t count)
> +{
> +       size_t res = 0;
> +
> +       if (count == 0)
> +               return -E2BIG;
> +
> +       while (count) {
> +               char c = src[res];
> +
> +               dest[res] = c;
> +               if (!c)
> +                       return res;
> +               res++;
> +               count--;
> +       }
> +
> +       /* Hit buffer length without finding a NUL; force NUL-termination. */
> +       if (res)
> +               dest[res-1] = '\0';
> +
> +       return -E2BIG;
> +}
> +
>  /**
>   * strtobool - convert common user inputs into boolean values
>   * @s: input string
> --
> 2.54.0
>

Re: [PATCH] tools: include: add proper strscpy() declaration

[Maxwell Doose]

On Mon, May 4, 2026 at 4:38 PM Maxwell Doose <m32285159@gmail.com> wrote:
>
> On Mon, May 4, 2026 at 4:23 PM Lucas Poupeau <lucasp.linux@gmail.com> wrote:
> >
> > Currently, strscpy() is defined as a macro for strcpy() in the tools
> > headers. This is unsafe and prevents using the real strscpy() logic
> > that provides better buffer overflow protection.
> >
> > Remove the macro hack and add a proper extern declaration for
> > strscpy(). This allows tools to use the safer string copying API
> > once the implementation is provided.
> >
> > Suggested-by: Maxwell Doose <m32285159@gmail.com>
> > Signed-off-by: Lucas Poupeau <lucasp.linux@gmail.com>
> >
> [snip]
> >
> > +extern ssize_t strscpy(char *dest, const char *src, size_t count);
> > +
> > +char *str_error_r(int errnum, char *buf, size_t buflen);
> > +
> >  char *str_error_r(int errnum, char *buf, size_t buflen);
> >
>
> Looks like you have a duplicate definition here.
>
> best regards,
> max
>

Also would be worth checking sashiko's report:
https://sashiko.dev/#/patchset/20260504212301.63750-1-lucasp.linux%40gmail.com

best regards,
max

Re: [PATCH] tools: include: add proper strscpy() declaration

[Maxwell Doose]

On Mon, May 4, 2026 at 4:47 PM Maxwell Doose <m32285159@gmail.com> wrote:
>
> On Mon, May 4, 2026 at 4:38 PM Maxwell Doose <m32285159@gmail.com> wrote:
> >
> > On Mon, May 4, 2026 at 4:23 PM Lucas Poupeau <lucasp.linux@gmail.com> wrote:
> > >
> > > Currently, strscpy() is defined as a macro for strcpy() in the tools
> > > headers. This is unsafe and prevents using the real strscpy() logic
> > > that provides better buffer overflow protection.
> > >
> > > Remove the macro hack and add a proper extern declaration for
> > > strscpy(). This allows tools to use the safer string copying API
> > > once the implementation is provided.
> > >
> > > Suggested-by: Maxwell Doose <m32285159@gmail.com>
> > > Signed-off-by: Lucas Poupeau <lucasp.linux@gmail.com>
> > >
> > [snip]
> > >
> > > +extern ssize_t strscpy(char *dest, const char *src, size_t count);
> > > +
> > > +char *str_error_r(int errnum, char *buf, size_t buflen);
> > > +
> > >  char *str_error_r(int errnum, char *buf, size_t buflen);
> > >
> >
> > Looks like you have a duplicate definition here.
> >
> > best regards,
> > max
> >
>
> Also would be worth checking sashiko's report:
> https://sashiko.dev/#/patchset/20260504212301.63750-1-lucasp.linux%40gmail.com
>

By the way, Wei gave you the greenlight to go forward with this so
make sure to add:

Fixes: 9e3d665 ("memblock test: fix implicit declaration of function 'strscpy'")

but maybe note that this doesn't need to be backported.

> best regards,
> max