From: "Alejandro Colomar (man-pages)" <alx.manpages@gmail.com>
To: glibc <libc-alpha@sourceware.org>
Cc: tech@openbsd.org, Christoph Hellwig <hch@lst.de>,
	"linux-kernel@vger.kernel.org" <linux-kernel@vger.kernel.org>
Subject: Re: [RFC] strcpys(): New function for copying strings safely
Date: Sun, 27 Jun 2021 21:46:38 +0200
Message-ID: <38428d5e-ead2-bf18-e198-cecd4caeb3e7@gmail.com>
In-Reply-To: <755875ec-baae-6cab-52a8-3c9530db1ce6@gmail.com>

On 6/27/21 9:26 PM, Alejandro Colomar (man-pages) wrote:
> 
> It is designed so that usage requires the minimum number of lines of 
> code for complete usage (including error handling checks):
> 
> [[
> // When we already checked that 'size' is >= 1
> // and truncation is not an issue:
> 
> strcpys_np(size, dest, src, NULL);

Also, given how unlikely this case is, I have in my code:
`[[gnu::warn_unused_result]]`

I forgot to talk about it in the definition I sent.  I would put that 
attribute in the glibc definition, if this is added to glibc.

To ignore it, a simple cast of the result to `(void)` should be enough 
(or a more complex macro, like `UNUSED(strcpys_np(...));`).
> 
> [[
> 
> #include <string.h>
> #include <sys/types.h>
> 
> 
> [[gnu::nonnull]]
> ssize_t strscpy_np(ssize_t size,
>                     char dest[static restrict size],
>                     const char src[static restrict size])
> {
>      ssize_t len;
> 
>      if (size <= 0)
>          return -1;
> 
>      len = strnlen(src, size - 1);
>      memcpy(dest, src, len);
>      dest[len] = '\0';
> 
>      return len;
> }
> 
> [[gnu::nonnull(2, 3)]]
[[gnu::warn_unused_result]]
> int strcpys_np(ssize_t size,
>                 char dest[static restrict size],
>                 const char src[static restrict size],
>                 ssize_t *restrict len)
> {
>      ssize_t l;
> 
>      l = strscpy_np(size, dest, src);
>      if (len)
>          *len = l;
> 
>      if (l == -1)
>          return -1;
>      if (l >= size)
>          return 1;
>      return 0;
> }
> 
> ]]

-- 
Alejandro Colomar
Linux man-pages comaintainer; https://www.kernel.org/doc/man-pages/
http://www.alejandro-colomar.es/
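
Added example, not part of the original message and not glibc code: a sketch of how `warn_unused_result` plays out at call sites, one that must check the result and one that discards it on purpose. `copy_checked()`, `set_name()`, `set_tag()` and this definition of `UNUSED()` are hypothetical; the 0 / 1 / -1 return values follow the quoted function, and the GNU `__attribute__` spelling is used so the block also builds with compilers that lack the `[[gnu::...]]` syntax.

```c
#include <string.h>
#include <sys/types.h>

/* Assumed definition of the UNUSED() macro the message mentions.  GCC still
 * reports -Wunused-result through a plain (void) cast (Clang accepts it);
 * negating the value first silences both compilers. */
#define UNUSED(expr)  ((void) !(expr))

/* Hypothetical stand-in for this example, not the thread's strcpys_np().
 * Returns 0 = copied whole, 1 = truncated, -1 = no room at all. */
__attribute__((warn_unused_result, nonnull(2, 3)))
int copy_checked(ssize_t size, char *restrict dest,
                 const char *restrict src, ssize_t *restrict len)
{
    size_t srclen, n;

    if (size <= 0) {
        if (len)
            *len = -1;
        return -1;
    }
    srclen = strlen(src);
    n = srclen < (size_t) size ? srclen : (size_t) size - 1;
    memcpy(dest, src, n);
    dest[n] = '\0';
    if (len)
        *len = (ssize_t) n;
    return srclen > n;
}

/* Call site where truncation is an error: the result must be examined. */
int set_name(char *dst, ssize_t dstsize, const char *name)
{
    int r = copy_checked(dstsize, dst, name, NULL);

    if (r == 1)
        dst[0] = '\0';          /* do not keep a silently shortened name */
    return r == 0 ? 0 : -1;
}

/* Call site where truncation is acceptable: the discard is explicit. */
void set_tag(char *tag8, const char *s)
{
    UNUSED(copy_checked(8, tag8, s, NULL));
}
```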
