On Mon, May 29, 2023 at 01:03:48AM +0200, Maximilian Luz wrote: > Add a ucs2_strlcpy() function for UCS-2 strings. The behavior is > equivalent to the standard strlcpy() function, just for 16-bit character > UCS-2 strings. Eek, no. strlcpy() is dangerous in multiple ways[1]. Please implement strscpy() (i.e. use strnlen(), negative error on truncation, etc). Additionally, it'd be nice of the ucs2 helpers here also implemented the rest of the CONFIG_FORTIFY_SOURCE mitigations (i.e. checking for source and destination buffer size overflows at compile-time and run-time with __builtin_object_size() and __builtin_dynamoc_object_size() respectively). -Kees [1] https://docs.kernel.org/process/deprecated.html#strlcpy -- Kees Cook
