From owner-freebsd-hackers Thu Jul 15 15:50:45 1999 Delivered-To: freebsd-hackers@freebsd.org Received: from dingo.cdrom.com (dingo.cdrom.com [204.216.28.145]) by hub.freebsd.org (Postfix) with ESMTP id A6788155E8 for ; Thu, 15 Jul 1999 15:50:43 -0700 (PDT) (envelope-from mike@dingo.cdrom.com) Received: from dingo.cdrom.com (localhost.cdrom.com [127.0.0.1]) by dingo.cdrom.com (8.9.3/8.8.8) with ESMTP id PAA01458; Thu, 15 Jul 1999 15:44:51 -0700 (PDT) (envelope-from mike@dingo.cdrom.com) Message-Id: <199907152244.PAA01458@dingo.cdrom.com> X-Mailer: exmh version 2.0.2 2/24/98 To: Tim Vanderhoek Cc: Sheldon Hearn , Garance A Drosihn , Paul Hart , freebsd-hackers@FreeBSD.org Subject: Re: OpenBSD's strlcpy(3) and strlcat(3) In-reply-to: Your message of "Thu, 15 Jul 1999 18:34:42 EDT." <19990715183442.A53661@mad> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Thu, 15 Jul 1999 15:44:51 -0700 From: Mike Smith Sender: owner-freebsd-hackers@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > On Fri, Jul 16, 1999 at 12:15:31AM +0200, Sheldon Hearn wrote: > > > > As I understand it, the goal here is to return to the caller the number > > of bytes copied (however you represent it), so that the caller can > > easily determine whether or not dst is safe for operations demanding a > > null-terminated string. > [...] > > size_t > > fooncat(char *s, const char *append, size_t count) > > > > where the return value is the number of bytes {copied,appended}. > > Eeks! This will quickly lead to code like > > if (fooncat(string, append, sizeof(string)) != strlen(append)) > ... > > which is rather evil, given that the second strlen(append) would be > completely gratuitous if it weren't for the interface you're > suggesting. What's really stupid is that most of the time you're trying to use these functions to fix code that looks like: strcpy(buf, str1); strcat(buf, str2); strcat(buf, str3); without overflowing buf. This is dumb! Use asprintf instead: asprinf(&buf, "%s%s%s", str1, str2, str3); If you can't keep all of the string elements together at once, try: asprinf(&buf, "%s%s", str1, str2); ... asprintf(&buf2, "%s%s", buf, str3); free(buf); No, it's not fast, but it _is_ robust. -- \\ The mind's the standard \\ Mike Smith \\ of the man. \\ msmith@freebsd.org \\ -- Joseph Merrick \\ msmith@cdrom.com To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message