Developer Tools3 min read
Linux kernel removes strncpy API after six years and 360 patches
Tags OSS · Infrastructure · Enterprise
Phoronix·
The Linux kernel has officially removed the strncpy function after a six-year effort involving approximately 360 patches. The API, long considered unsafe and prone to buffer-related bugs, has been systematically replaced with safer alternatives throughout the kernel codebase. The removal lands in Linux 7.2 and represents one of the larger API cleanup efforts in kernel history.
Technical significance
Removing strncpy from the kernel eliminates a class of buffer overflow vulnerabilities at the OS level. The six-year, 360-patch effort demonstrates the scale of technical debt in core OS codebases and the sustained engineering required to eliminate unsafe C APIs from production systems.