Re: String functions considered unsafe in kernel

From: Ryan Stone <rysto32_at_gmail.com>
Date: Fri, 03 Sep 2021 17:45:41 UTC
It's straight-up a bug to do *anything* directly on a user-provided
string. You must use copyinstr to copy it into a kernel buffer first,
which guarantees null termination.  In legacy cases where a user
provided buffer could be legitimately not null-terminated, such as in
a struct sockaddr_un, developers must take care to null-terminate the
string themselves after copyin.