On Thu, Feb 21, 2019 at 2:49 AM Kees Cook <keesc...@chromium.org> wrote:
> On Mon, Feb 18, 2019 at 3:24 PM Tobin C. Harding <to...@kernel.org> wrote:
> >
> > We have a function to copy strings safely and we have a function to copy
> > strings _and_ zero the tail of the destination (if source string is
> > shorter than destination buffer) but we do not have a function to do
> > both at once. This means developers must write this themselves if they
> > desire this functionality. This is a chore, and also leaves us open to
> > off by one errors unnecessarily.
> >
> > Add a function that calls strscpy() then memset()s the tail to zero if
> > the source string is shorter than the destination buffer.
> > +/* Wrapper function, no arch specific code required */
> > +ssize_t strscpy_zeroed(char *dest, const char *src, size_t count);
>
> bikeshed: I think "pad" is shorter and more descriptive. How about
> something like strspad() strscpy_pad() or strscpy_zero()? (just to
> shorten it slightly)

zero / zeroed examples in the kernel have semantics of getting some area
completely zeroed. OTOH pad means different and we have examples as well
(see seq_pad() as one).

So, I would definitely vote for _pad b/c of semantics.

--
With Best Regards,
Andy Shevchenko
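
Review bot: the declaration of strscpy_zeroed() in this hunk is documented only by "no arch specific code required", which leaves the ssize_t return value and the meaning of count unstated at the one place callers will look. Add a line saying what is returned when src does not fit and that count must be the full size of dest, since the zeroing of the tail described in the commit message runs up to count and a wrong value there is exactly the off-by-one the patch is meant to remove. The name is also worth settling before merge: as both replies note, a _pad suffix describes filling the remainder, whereas zeroed suggests the whole area is cleared.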
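
The copy-then-zero-the-tail behaviour the commit message describes, as an added userspace sketch in C that is not the patch's code or kernel source. The names model_strscpy(), model_strscpy_pad() and stale_tail() are hypothetical, the -E2BIG-on-truncation return is an assumption modelled on the kernel's strscpy(), and the 0xAA fill is constructed sample data.

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>

/* Assumed strscpy()-style contract: copy at most count-1 bytes, always
 * NUL-terminate, return the length copied or -E2BIG on truncation. */
static ssize_t model_strscpy(char *dest, const char *src, size_t count)
{
    size_t i;
    if (count == 0)
        return -E2BIG;
    for (i = 0; i < count - 1 && src[i] != '\0'; i++)
        dest[i] = src[i];
    dest[i] = '\0';
    return src[i] == '\0' ? (ssize_t)i : -E2BIG;
}

/* Copy, then zero everything after the terminator up to count. */
static ssize_t model_strscpy_pad(char *dest, const char *src, size_t count)
{
    ssize_t n = model_strscpy(dest, src, count);
    /* Truncated, count == 0, or exact fit: there is no tail to clear. */
    if (n < 0 || (size_t)n == count - 1)
        return n;
    /* dest[n] is the terminator, so the tail starts at n + 1. */
    memset(dest + n + 1, 0, count - (size_t)n - 1);
    return n;
}

/* Pre-fill a buffer with 0xAA (constructed stale data), copy src into it,
 * and count the non-zero bytes left after the terminator. */
static int stale_tail(int pad, const char *src)
{
    char buf[8];
    int stale = 0;
    memset(buf, 0xAA, sizeof(buf));
    ssize_t n = pad ? model_strscpy_pad(buf, src, sizeof(buf))
                    : model_strscpy(buf, src, sizeof(buf));
    for (size_t i = (n < 0 ? sizeof(buf) - 1 : (size_t)n) + 1; i < sizeof(buf); i++)
        stale += (buf[i] != 0);
    return stale;
}

int main(void)
{
    printf("copy only: %d stale bytes\n", stale_tail(0, "abc"));
    printf("copy+pad:  %d stale bytes\n", stale_tail(1, "abc"));
    return 0;
}
```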