6ae08ae3dea2 ("bpf: Add probe_read_{user, kernel} and probe_read_{user, kernel}_str helpers") introduced a subtle bug where bpf_probe_read_user_str() would potentially copy a few extra bytes after the NUL terminator. This issue is particularly nefarious when strings are used as map keys, as seemingly identical strings can occupy multiple entries in a map. This patchset fixes the issue and introduces a selftest to prevent future regressions. Daniel Xu (2): lib/strncpy_from_user.c: Don't overcopy bytes after NUL terminator selftest/bpf: Test bpf_probe_read_user_str() strips trailing bytes after NUL lib/strncpy_from_user.c | 9 ++- .../bpf/prog_tests/probe_read_user_str.c | 60 +++++++++++++++++++ .../bpf/progs/test_probe_read_user_str.c | 34 +++++++++++ 3 files changed, 101 insertions(+), 2 deletions(-) create mode 100644 tools/testing/selftests/bpf/prog_tests/probe_read_user_str.c create mode 100644 tools/testing/selftests/bpf/progs/test_probe_read_user_str.c -- 2.28.0