Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 15 Jul 1999 15:44:51 -0700
From:      Mike Smith <mike@smith.net.au>
To:        Tim Vanderhoek <vanderh@ecf.utoronto.ca>
Cc:        Sheldon Hearn <sheldonh@uunet.co.za>, Garance A Drosihn <drosih@rpi.edu>, Paul Hart <hart@iserver.com>, freebsd-hackers@FreeBSD.org
Subject:   Re: OpenBSD's strlcpy(3) and strlcat(3) 
Message-ID:  <199907152244.PAA01458@dingo.cdrom.com>
In-Reply-To: Your message of "Thu, 15 Jul 1999 18:34:42 EDT." <19990715183442.A53661@mad>
next in thread | previous in thread | raw e-mail | index | archive | help 
> On Fri, Jul 16, 1999 at 12:15:31AM +0200, Sheldon Hearn wrote:
> > 
> > As I understand it, the goal here is to return to the caller the number
> > of bytes copied (however you represent it), so that the caller can
> > easily determine whether or not dst is safe for operations demanding a
> > null-terminated string.
> [...] 
> > size_t
> > fooncat(char *s, const char *append, size_t count)
> > 
> > where the return value is the number of bytes {copied,appended}.
> 
> Eeks!  This will quickly lead to code like
> 
> if (fooncat(string, append, sizeof(string)) != strlen(append))
>    ...
> 
> which is rather evil, given that the second strlen(append) would be
> completely gratuitous if it weren't for the interface you're
> suggesting.

What's really stupid is that most of the time you're trying to use 
these functions to fix code that looks like:

	strcpy(buf, str1);
	strcat(buf, str2);
	strcat(buf, str3);

without overflowing buf.  This is dumb!  Use asprintf instead:

	asprinf(&buf, "%s%s%s", str1, str2, str3);

If you can't keep all of the string elements together at once, try:

	asprinf(&buf, "%s%s", str1, str2);
	...
	asprintf(&buf2, "%s%s", buf, str3);
	free(buf);

No, it's not fast, but it _is_ robust.

-- 
\\  The mind's the standard       \\  Mike Smith
\\  of the man.                   \\  msmith@freebsd.org
\\    -- Joseph Merrick           \\  msmith@cdrom.com




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199907152244.PAA01458>