June 28, 2026

Copy, paste, and pure chaos

Article URL →HN comments →

Linux Kills Strncpy

Linux dumps a notorious old text-copy tool and the comments instantly split into chaos

TLDR: Linux spent six years removing an old text-copy tool from the kernel because it often caused dangerous mistakes. Commenters immediately turned it into a fight over confusing wording, Linux doing things its own way, and even whether the blog page itself was more offensive than the code.

Linux has officially shown the door to strncpy, an old C language text-copy function that has been blamed for confusion, bugs, and some very nasty security mistakes. In plain English: this was one of those old tools that looked safe on paper but kept tripping people up in practice. After six years and more than 360 patches, the Linux kernel team replaced it with newer options that are clearer about what they do and less likely to create dangerous mistakes.

But the real show was in the comments, where the crowd immediately turned this cleanup into a mini soap opera. One of the first reactions was pure panic control: hold on, this is the Linux kernel, not all of Linux software. jmclnx rushed in to clarify that removing it from the wider C library would be "awful," then even had to correct "glib" to glibc, which is peak comment-thread energy. Another user delivered the classic internet eye-roll by posting a "previously on Hacker News" link, because of course this debate had already happened somewhere else.

Then came the hot take machine. rakel_rakel basically accused Linux of being Linux about Linux, sniping that the project ignored a more widely used option and chose its own special replacement instead: "You do you!" Meanwhile, rho138 skipped the code drama entirely and went for the site itself, joking that the WordPress page had more ads than Ars Technica. And in true hacker-forum fashion, one commenter used the whole thing as an opening to promote a personal toy library. So yes, Linux retired a risky old function — and the community responded with nitpicks, tribalism, ad complaints, and side quests.

Key Points

  • The article says unsafe use of C string functions has led to buffer overruns and security vulnerabilities in the Linux kernel.
  • `strcpy()` is described as dangerous because it copies until a NUL terminator is found, which can overwrite memory if the source is too large or unterminated.
  • The article says `strncpy()` avoided some overflows but often failed to NUL-terminate destination strings and also performed unwanted NUL padding.
  • According to the article, removing `strncpy()` from the Linux kernel took six years and more than 360 patches.
  • The article identifies `strscpy()` as the main replacement, with `strscpy_pad()` and other APIs used to separate safe string copying from fixed-size memory padding behavior.

Hottest takes

"Removing strncpy() from glib would be awful" — jmclnx
"exactly what I would expect from Linux. You do you!" — rakel_rakel
"more ads than arstechnica" — rho138

Save News

Made with <3 by @siedrix and @shesho from CDMX. Powered by Forge&Hive.