Updated
Updated · Phoronix · Jun 18
Linux Drops strncpy API After 6 Years and 362 Commits for Kernel 7.2
Updated
Updated · Phoronix · Jun 18

Linux Drops strncpy API After 6 Years and 362 Commits for Kernel 7.2

1 articles · Updated · Phoronix · Jun 18

Summary

  • Linux has removed the strncpy API and the last per-CPU architecture implementations, closing a six-year cleanup in the code headed for kernel 7.2.
  • 362 commits drove the change because strncpy had long caused bugs through confusing NUL-termination behavior and wasted work by zero-filling destination buffers.
  • Kernel developers now direct code to use strscpy(), strscpy_pad(), strtomem_pad(), memcpy_and_pad(), or memcpy(), depending on whether copies need termination, padding, or fixed-length handling.
  • The removal caps a long-running hardening effort aimed at replacing a bug-prone legacy interface with more explicit, purpose-built memory-copy routines.

Insights

Linux took six years to remove one function. What hidden risks are lurking in other critical codebases we use every day?
As AI generates kernel exploits at machine speed, is removing one flawed function enough to secure Linux from these advanced threats?