On Wed, Oct 11, 2023 at 09:29:57PM +0000, Justin Stitt wrote: > In total, just assigning this version string takes: > (1) strncpy()'s > (5) strlen()'s > (3) strncat()'s > (1) snprintf()'s > (4) max_t()'s > > Moreover, `strncpy` is deprecated [1] and `strncat` really shouldn't be > used either [2]. With this in mind, let's simply use a single > `snprintf`. Yes, please! readability++ > > Link: https://www.kernel.org/doc/html/latest/process/deprecated.html#strncpy-on-nul-terminated-strings [1] > Link: https://elixir.bootlin.com/linux/v6.6-rc5/source/include/linux/fortify-string.h#L448 [2] > Link: https://github.com/KSPP/linux/issues/90 > Cc: linux-hardening@xxxxxxxxxxxxxxx > Cc: Kees Cook <keescook@xxxxxxxxxxxx> > Signed-off-by: Justin Stitt <justinstitt@xxxxxxxxxx> Reviewed-by: Kees Cook <keescook@xxxxxxxxxxxx> -- Kees Cook
