> Date: Tue, 10 Feb 2009 17:14:07 +0100 > From: Roland Mainz <roland.mainz at nrubsig.org> > > James Carlson wrote: >> Casper Dik writes: >> > char *stpcpy(char *restrict s1, const char *restrict s2); >> > char *stpncpy(char *restrict s1, const char *restrict s2, size_t n); >> > wchar_t *wcpcpy(wchar_t restrict *ws1, const wchar_t *restrict ws2); >> > wchar_t *wcpncpy(wchar_t restrict *ws1, const wchar_t *restrict ws2, >> size_t >> > n); >> >> The lint maintainers be notified so that they can add stpcpy and >> wcpcpy to their list of security-questionable functions warned about >> via -errsecurity. (At least file an RFE.) > > Erm... are both |strcpy()| and |strcat()| in this list, too ? > >> This looks to me like a standards-related blunder. "stpncpy" and >> "wcpncpy" functionality (strncpy-like zero pad to end of the buffer, >> *and* leaving full destination buffers unterminated) doesn't seem to >> make much sense in this context. > > My primary interest was |stpcpy()| to get performance of the locale > codepaths fixed (we assume that we check at the _beginning_ that all > allocated buffers have sufficient size (since the use of something like > |stplcpy()| would completely kill the performance advantage since more > registers and more operations are required for string copies)). Right > now these codepaths are seveal _factors_ (more than 2x) _slower_ than on > Linux and one of the primary "root cause" is the over-use of inefficient > buffer handling (whic hwe try to partially address with the use of > |stpcpy()|). > >> I think it's a shame they didn't do stplcpy and wcplcpy instead. Do >> we have anyone involved in the standards process who could add >> comments?
During the last revision cycle, the committee received requests to explicitly add these functions because they are widely used in Linux application programming and were a portability problem for people porting code from Linux systems to POSIX/UNIX platforms. I don't remember any requests to add stplcpy() and wclpcpy(). If they had been suggested we could easily have added them as well, but the cross platform portability consideration concerns would still have been enough to add the function that were added. > > Don Cragun was RIF'ed and right now I don't know anyone at Sun who can > be queried for standards issues. Even though I am no longer at Sun, I'm still interested in OpenSolaris. I'm remaining involved in Austin Group activities on my own dime. - Don > > ---- > > Bye, > Roland
