On 11/25/14 19:14, enh wrote: > strncat is a pain to use because the last argument is the remaining > space in the buffer, not the buffer size. sadly glibc doesn't have > strlcat...
I went back to poke at this and remembered the _other_ reason I didn't use strlcpy() and strlcat(): I decided to use xstrncpy() and xstrncat() instead, because silently truncating the input is usually an error, it still means we're working with the wrong data. If the buffer doesn't fit, die loudly. (For the cases where we _are_ intentionally truncating, memcpy() exists.) (The fact it means I don't have to worry about strlcpy() namespace issues in portability.* is just a fringe benefit. :) > diff --git a/toys/other/mountpoint.c b/toys/other/mountpoint.c > index 29b8ae6..6124129 100644 > --- a/toys/other/mountpoint.c > +++ b/toys/other/mountpoint.c And toys/pending/netstat.c is using it too. And a dozen things are using strncpy(), which should not gratuitously dirty its entire buffer range (faulting in and evicting who knows how many cache lines, forcing physical page allocation... just "ew"). Strings are hard. Let's see, the "yes we want to truncate this" uses should be memcpy() with explicit null termination. Blah, I have half-finished patches to several of the files in "egrep -l strnc'(py|at)' lib/*.c toys/*/*.c" (especially since so many of them are in pending and I tend to do drive-by cleanups on that...) /me wanders off to fiddle with stuff... Rob _______________________________________________ Toybox mailing list [email protected] http://lists.landley.net/listinfo.cgi/toybox-landley.net
