Ever since PolarSSL in 3ac1b2d, the interface to get the PolarSSL then Mbed TLS version string has been:

/**
 * Get the version string ("x.y.z").
 *
 * \param string    The string that will receive the value.
 *                  (Should be at least 9 bytes in size)
 */
void mbedtls_version_get_string(char *string);

/**
 * Get the full version string ("Mbed TLS x.y.z").
 *
 * \param string    The string that will receive the value. The Mbed TLS version
 *                  string will use 18 bytes AT MOST including a terminating
 *                  null byte.
 *                  (So the buffer should be at least 18 bytes to receive this
 *                  version string).
 */
void mbedtls_version_get_string_full(char *string);

As noted by Bence this is fragile and overly complex. We could just return a global string instead.

(The macro isn't good enough because applications need the version of the library they're running on, not the version they were compiled against.)

We aren't going to change to constructing the version string dynamically from parts. That would take more code than the string. So we don't need the additional flexibility.

If we were doing this from scratch, I think we should make it

const char *mbedtls_version_get_string(void);
const char *mbedtls_version_get_string_full(void);

Both functions returning globals.

For the sake of applications that want to support both Mbed TLS 3.x and 4.x, we may want to maintain compatibility and introduce the new functions with the new name. On the other hand, application compatibility is already possible by calling mbedtls_version_get_number() first.