On Thu, Nov 02, 2023 at 11:02:35PM +0100, Philipp Stanner wrote: > We introduced those wrappers to string.h hoping they will be useful. > Now that they're merged, I quickly wanted to establish them as the > standard for copying user-arrays, ideally in the current merge window. > Because its convenient, easy to read and, at times, safer. They also save future readers a git grep to find the sizes, etc. Again, the only suggestion is that regarding the commit message; _some_ of those might end up fixing real overflows and you obviously want to see how far do those need to be backported, etc. And "in this case the overflow doesn't actually happen because <reasons>, but not having to do such analysis is a good thing" is not a bad explanation why the primitive in question is useful, IMO. Granted, in cases like 256 * sizeof(u32) that would be pointless, but for the ones that are less obvious... > I just didn't see it in ppp. Maybe I should have looked more > intensively for all 13 patches. But we'll get there, that's what v2 and > v3 are for :) In any case you want to check if there are real bugs caught in that.
