This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH v4] Implement strlcpy [BZ #178]
- From: Florian Weimer <fweimer at redhat dot com>
- To: Rich Felker <dalias at libc dot org>
- Cc: Paul Eggert <eggert at cs dot ucla dot edu>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Wed, 4 Nov 2015 14:11:25 +0100
- Subject: Re: [PATCH v4] Implement strlcpy [BZ #178]
- Authentication-results: sourceware.org; auth=none
- References: <56326B79 dot 8070804 at redhat dot com> <563294BE dot 9070105 at cs dot ucla dot edu> <56376656 dot 1000600 at redhat dot com> <20151103161550 dot GP8645 at brightrain dot aerifal dot cx> <56393F6F dot 5070301 at cs dot ucla dot edu> <20151104005637 dot GR8645 at brightrain dot aerifal dot cx> <56397280 dot 4000805 at cs dot ucla dot edu> <20151104032321 dot GS8645 at brightrain dot aerifal dot cx>
On 11/04/2015 04:23 AM, Rich Felker wrote:
> There's certainly existing code that relies on strcpy not clobbering
> anything past the strlen(src)+1 bytes it writes. Naturally strcpy
> _can't_ do this because it has no way of knowing the dest buffer size.
> But to be able to use strlcpy as a safer drop-in replacement in such
> code, it would need to preserve this property.
Good. I'm now convinced that there is such a requirement for strcpy,
fgets and so on. I checked our documentation and the standard for
strcpy and fgets, and we do not explicitly specify this behavior
(although I agree it is implicit). My question is whether we should
specify this explicitly for strlcpy. It would give the impression that
strlcpy is special in this regard, but it really is not.
Florian