This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH v2] Implement strlcpy [BZ #178]

On 09/17/2014 05:41 PM, Joseph S. Myers wrote:
On Wed, 17 Sep 2014, Florian Weimer wrote:

I misremembered what the GNU coding standards say about dynamically sized
buffers.  As far as I can tell, they recommend it not in general, but only as
a way to avoid unintentional copyright infringement.  That's why I didn't add
a reference to the coding standards.

   @node Semantics
   @section Writing Robust Programs

   @cindex arbitrary limits on data
   Avoid arbitrary limits on the length or number of @emph{any} data
   structure, including file names, lines, files, and symbols, by allocating
   all data structures dynamically.  In most Unix utilities, ``long lines
   are silently truncated''.  This is not acceptable in a GNU utility.

Thanks, I knew there was something in the standards. So I propose to add this change on top of the last one:

-However, to prevent accidental truncation of unexpectedly long values,
-it is often better to use dynamic memory allocation and functions such
-as @code{strdup} or @code{asprintf} to construct strings.
+@strong{Note:} GNU programs should not use statically sized buffers for
+storing strings.  @xref{Semantics, , Writing Robust Programs, standards,
+The GNU Coding Standards}.  Instead of using @code{strlcpy}, it is
+usually better to use dynamic memory allocation and functions such as
+@code{strdup} or @code{asprintf} to construct strings.

I have verified that the cross-reference comes out correctly in both the rendered HTML and the Info manual.

Florian Weimer / Red Hat Product Security

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]