Re: [PATCH v3 07/18] rtla: Add strscpy() and replace strncpy() calls

From: Wander Lairson Costa

Date: Tue Mar 03 2026 - 06:11:46 EST

On Mon, Mar 2, 2026 at 11:33 AM Tomas Glozar <tglozar@xxxxxxxxxx> wrote:
>
> čt 15. 1. 2026 v 18:26 odesílatel Wander Lairson Costa
> <wander@xxxxxxxxxx> napsal:
> >
> > Introduce a userspace strscpy() implementation that matches the Linux
> > kernel's strscpy() semantics. The function is built on top of glibc's
> > strlcpy() and provides guaranteed NUL-termination along with proper
> > truncation detection through its return value.
> >
> > The previous strncpy() calls had potential issues: strncpy() does not
> > guarantee NUL-termination when the source string length equals or
> > exceeds the destination buffer size. This required defensive patterns
> > like pre-zeroing buffers or manually setting the last byte to NUL.
> > The new strscpy() function always NUL-terminates the destination buffer
> > unless the size is zero, and returns -E2BIG on truncation, making error
> > handling cleaner and more consistent with kernel code.
> >
> > Note that unlike the kernel's strscpy(), this implementation uses
> > strlcpy() internally, which reads the entire source string to determine
> > its length. The kernel avoids this to prevent potential DoS attacks from
> > extremely long untrusted strings. This is harmless for a userspace CLI
> > tool like rtla where input sources are bounded and trusted.
> >
>
> strlcpy() was only added in glibc 2.38 [1]. It is thus not available
> on systems with older glibc, like RHEL 9. Using it for strscpy()
> implementation causes RTLA to fail to build on those systems.
>

Thanks for pointing this. I will fix that in v4.

> [1] https://www.gnu.org/software/gnulib/manual/html_node/strlcpy.html
>
> > Replace all strncpy() calls in rtla with strscpy(), using sizeof() for
> > buffer sizes instead of magic constants to ensure the sizes stay in
> > sync with the actual buffer declarations. Also remove a now-redundant
> > memset() call that was previously needed to work around strncpy()
> > behavior.
> >
> > Signed-off-by: Wander Lairson Costa <wander@xxxxxxxxxx>
> > ---
> > tools/tracing/rtla/src/timerlat_aa.c | 6 ++---
> > tools/tracing/rtla/src/utils.c | 34 ++++++++++++++++++++++++++--
> > tools/tracing/rtla/src/utils.h | 1 +
> > 3 files changed, 36 insertions(+), 5 deletions(-)
> >
>
> Tomas
>