Kernel buffer overflow exposes iPhone 11 Pro to radio based attacks

Patrick Schluter Patrick.Schluter at bbox.fr
Wed Dec 9 08:26:35 UTC 2020


On Wednesday, 2 December 2020 at 17:52:29 UTC, H. S. Teoh wrote:
> An equally bad thing about C strings is that utterly evil 
> function known as strncpy.  Why is it evil?  Because it comes 
> with the warning that the result may not be terminated if the 
> target buffer is not large enough to contain the entire string.
>  And guess how many people gloss over or simply forget that 
> detail?  Yep, I've fixed a whole bunch of bugs caused by that.
>

The only sin of strncpy() is its name. The problem is that people 
think it is a string function (even you fell for it), but it 
never was a string function: it is a buffer function, and a 
mem*/buf* prefix would have gone a long way to avoid its misuse 
as a string function. Beyond its truncation feature, it has a 
second functionality that most people do not know and that makes 
it definitely different from the string functions: it overwrites 
the whole buffer with 0 to the end of it, making it often a 
performance hog:

     char buffer[32000];
     strncpy(buffer, "a", sizeof buffer);

will write 32000 characters.
Historically it was invented for early Unix, to write the 
filename in the directory entry, which was size 14 at that time.

      strncpy(direntry, filename, 14);

strncpy() has its uses, but it is important to know that it is 
NOT a string function. The new warning in gcc since version 9 is 
annoying and has to be shut up in some cases (with pragmas), as 
there are legitimate uses of strncpy (unlike gets(), which is 
always wrong).

Except for that, I completely agree with the rest of your rant.


More information about the Digitalmars-d mailing list
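To make the two strncpy() behaviours discussed above concrete, here is a small C program. It is an added example and not code from the thread or from either poster. The buffer sizes, the 0xAA sentinel fill and the 12-character source string are constructed inputs chosen to expose the behaviour; copy_str_bounded is a hypothetical helper name for the always-terminating idiom one would use when a C string is actually wanted.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Sentinel byte used to pre-fill destination buffers, so we can see
 * exactly which bytes strncpy() touched (constructed value). */
#define FILL 0xAA

/* Case 1: source longer than the destination.
 * Returns 1 if the destination contains a terminating NUL anywhere,
 * 0 if strncpy() left an unterminated run of characters. */
int strncpy_terminates_when_truncating(void)
{
    char dst[8];
    const char *src = "0123456789AB";      /* 12 chars, constructed input */

    memset(dst, FILL, sizeof dst);
    strncpy(dst, src, sizeof dst);          /* copies exactly 8 bytes, no NUL */

    return memchr(dst, '\0', sizeof dst) != NULL;
}

/* Case 2: source shorter than the destination.
 * Returns how many destination bytes were overwritten with 0, i.e. the
 * zero-fill to the end of the buffer. This is the directory-entry use:
 * a fixed-width field that must be NUL padded, not a C string. */
size_t strncpy_zero_fill_count(void)
{
    char dst[32];
    size_t zeros = 0;

    memset(dst, FILL, sizeof dst);
    strncpy(dst, "a", sizeof dst);          /* 'a' followed by 31 NUL bytes */

    for (size_t i = 0; i < sizeof dst; i++)
        if (dst[i] == '\0')
            zeros++;
    return zeros;
}

/* Hypothetical helper: bounded copy that always NUL-terminates and
 * reports truncation instead of silently dropping the terminator.
 * Assumes size > 0. */
bool copy_str_bounded(char *dst, size_t size, const char *src)
{
    size_t len = strlen(src);
    if (len >= size) {
        memcpy(dst, src, size - 1);
        dst[size - 1] = '\0';
        return true;                        /* truncated */
    }
    memcpy(dst, src, len + 1);              /* includes the NUL */
    return false;
}

/* Wrapper for the truncating case: 1 if the helper reported truncation
 * and the result is the terminated prefix "0123456". */
int bounded_copy_truncated_case(void)
{
    char dst[8];
    bool truncated = copy_str_bounded(dst, sizeof dst, "0123456789AB");
    return truncated && strcmp(dst, "0123456") == 0;
}

/* Wrapper for the fitting case: 1 if no truncation was reported and the
 * result compares equal to the source. */
int bounded_copy_fits_case(void)
{
    char dst[8];
    bool truncated = copy_str_bounded(dst, sizeof dst, "abc");
    return !truncated && strcmp(dst, "abc") == 0;
}

int main(void)
{
    printf("strncpy terminated on truncation: %d\n",
           strncpy_terminates_when_truncating());
    printf("zero bytes written by strncpy(buf, \"a\", 32): %zu\n",
           strncpy_zero_fill_count());
    printf("bounded copy, truncated case ok: %d\n", bounded_copy_truncated_case());
    printf("bounded copy, fitting case ok:   %d\n", bounded_copy_fits_case());
    return 0;
}
```

The first function shows why a later strlen() or printf("%s") on the destination reads past the buffer: all eight bytes are source characters and the sentinel fill is gone, but no NUL was written. The second shows the cost side: a one-character copy into a 32-byte buffer writes 31 zero bytes, which scales with the buffer size rather than the string length. The helper is the idiom to reach for when a C string is wanted; strncpy() stays appropriate for fixed-width, zero-padded fields.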