Re: PATCH: safe string copy and concetation

[Ulrich Drepper <drepper at redhat dot com>]

Christoph Hellwig <hch@caldera.de> writes:

> memcpy for strings is plain ugly. memcpy will not null-terminate
> your strings and led to source-bloat. 

This is why you use

	*((char *) mempcpy (dst, src, n)) = '\0';

Which is more efficient than any of the str*() functions when
concatenating multi strings since the NUL termination only has to be
done at the end.

> There are some people outhere that like clean and safe solutions
> better than fast ones ...

Dammit, it is not safe.  It hides bugs in programs.  If a string is
too long for an allocated memory block the copying must not simply
silently stop.  Instead the program must reallocate or signal an
error.  I can construct you cases where the use of these stupid
functions is creating new security problem.

> What's the problem with strlcat.
> strcat is insecure and strncat inconsecuent, but strlcat?

Do I have to repeat myself?  Every program which is handling strings
has to know how long they are.  Therefore it is incredibly stupid to
use strcat or any of its variants since one knows where the end of the
destination string is.  It seems you never ever spent a single second
thinking about these issues.

-- 
---------------.                          ,-.   1325 Chesapeake Terrace
Ulrich Drepper  \    ,-------------------'   \  Sunnyvale, CA 94089 USA
Red Hat          `--' drepper at redhat.com   `------------------------