Re: [PATCH] tools: include: add proper strscpy() declaration

[Maxwell Doose]

On Mon, May 4, 2026 at 4:23 PM Lucas Poupeau <lucasp.linux@xxxxxxxxx> wrote:
>
> Currently, strscpy() is defined as a macro for strcpy() in the tools
> headers. This is unsafe and prevents using the real strscpy() logic
> that provides better buffer overflow protection.
>
> Remove the macro hack and add a proper extern declaration for
> strscpy(). This allows tools to use the safer string copying API
> once the implementation is provided.
>
> Suggested-by: Maxwell Doose <m32285159@xxxxxxxxx>
> Signed-off-by: Lucas Poupeau <lucasp.linux@xxxxxxxxx>
>
[snip]
>
> +extern ssize_t strscpy(char *dest, const char *src, size_t count);
> +
> +char *str_error_r(int errnum, char *buf, size_t buflen);
> +
>  char *str_error_r(int errnum, char *buf, size_t buflen);
>

Looks like you have a duplicate definition here.

best regards,
max




>
>  char *strreplace(char *s, char old, char new);
> diff --git a/tools/lib/string.c b/tools/lib/string.c
> index 3126d2cff716..12fabbe583cf 100644
> --- a/tools/lib/string.c
> +++ b/tools/lib/string.c
> @@ -36,6 +36,43 @@ void *memdup(const void *src, size_t len)
>         return p;
>  }
>
> +/**
> + * strscpy - Copy a C-string into a sized buffer
> + * @dest: Where to copy the string to
> + * @src: Where to copy the string from
> + * @count: Size of destination buffer
> + *
> + * Copy the source string to the destination buffer. The result is
> + * always a valid NUL-terminated string that fits in the buffer.
> + *
> + * Return:
> + * * The number of characters copied (not including the trailing NUL)
> + * * -E2BIG if count is 0 or @src was truncated.
> + */
> +ssize_t strscpy(char *dest, const char *src, size_t count)
> +{
> +       size_t res = 0;
> +
> +       if (count == 0)
> +               return -E2BIG;
> +
> +       while (count) {
> +               char c = src[res];
> +
> +               dest[res] = c;
> +               if (!c)
> +                       return res;
> +               res++;
> +               count--;
> +       }
> +
> +       /* Hit buffer length without finding a NUL; force NUL-termination. */
> +       if (res)
> +               dest[res-1] = '\0';
> +
> +       return -E2BIG;
> +}
> +
>  /**
>   * strtobool - convert common user inputs into boolean values
>   * @s: input string
> --
> 2.54.0
>