Linux eliminates the strncpy API after six years of work, 360 patches

252 points · 242 comments on HN · read original →

Points and comments are a snapshot, not live.

Linux kernel removes strncpy API after six-year migration effort.

Linux 7.2 has eliminated the strncpy API from the kernel following six years of work and approximately 362 patches. The function had been a persistent source of bugs due to counter-intuitive semantics around NUL termination and performance issues from redundant zero-filling. Developers replaced it with safer alternatives: strscpy(), strscpy_pad(), strtomem_pad(), memcpy_and_pad(), and memcpy(). The final merge removed the last per-CPU architecture implementations.

What commenters are saying

Commenters split on whether null-terminated strings or null pointers themselves are the root problem. One camp argues that Pascal-style length-prefixed strings were safer, while another contends that null is a necessary invalid-value concept that type systems should handle with sum types like optional. Several experienced C programmers defend the language's approach, others call that mindset a cause of decades of security bugs.