This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH v4] Implement strlcpy [BZ #178]
- From: Paul Eggert <eggert at cs dot ucla dot edu>
- To: Rich Felker <dalias at libc dot org>, Florian Weimer <fweimer at redhat dot com>
- Cc: GNU C Library <libc-alpha at sourceware dot org>
- Date: Tue, 3 Nov 2015 15:12:47 -0800
- Subject: Re: [PATCH v4] Implement strlcpy [BZ #178]
- Authentication-results: sourceware.org; auth=none
- References: <56326B79 dot 8070804 at redhat dot com> <563294BE dot 9070105 at cs dot ucla dot edu> <56376656 dot 1000600 at redhat dot com> <20151103161550 dot GP8645 at brightrain dot aerifal dot cx>
On 11/03/2015 08:15 AM, Rich Felker wrote:
I do think this is
guaranteed by other implementations, in terms of both actual behavior
and the implicit requirement not to clobber memory the function is not
specified to clobber.
I don't see any such implicit requirement, so I agree with Florian here.
My impression all along has been that when a function is given an output
buffer, it can write whatever it likes to the output buffer, so long as
the buffer has the proper value when the function returns. In
particular, the caller can't expect the buffer's irrelevant bytes (i.e.,
bytes not part of the output value) to be preserved. I see nothing in
POSIX or in the BSD documentation that requires preservation of
irrelevant bytes, either for strlcpy or for POSIX functions in general.
So, for example, on POSIX implementations where struct timespec has
padding bytes, a caller cannot expect clock_gettime(CLOCK_REALTIME, &ts)
to preserve ts's padding bytes, because POSIX doesn't say irrelevant
bytes are preserved.
If there's doubt we should clarify with the authors of the original.
This is not an issue that OpenBSD implementers can unilaterally decide
now. "Ooops, there's an nonobvious strlcpy feature that we forgot to
write down, but all implementations are required to support it
anyway."?!? Sorry, but no. That shouldn't work for clock_gettime, and it
shouldn't work for strlcpy either.