This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH v4] Implement strlcpy [BZ #178]


On Wed, Nov 04, 2015 at 02:11:25PM +0100, Florian Weimer wrote:
> On 11/04/2015 04:23 AM, Rich Felker wrote:
> > There's certainly existing code that relies on strcpy not clobbering
> > anything past the strlen(src)+1 bytes it writes. Naturally strcpy
> > _can't_ do this because it has no way of knowing the dest buffer size.
> > But to be able to use strlcpy as a safer drop-in replacement in such
> > code, it would need to preserve this property.
> 
> Good.  I'm now convinced that there is such a requirement for strcpy,
> fgets and so on.  I checked our documentation and the standard for
> strcpy and fgets, and we do not explicitly specify this behavior
> (although I agree it is implicit).  My question is whether we should
> specify this explicitly for strlcpy.  It would give the impression that
> strlcpy is special in this regard, but it really is not.

I'm fine with omitting explicit documentation (which I agree would
imply strlcpy is special and raise confusion about the general
principle) as long as there's consensus that this is part of the
interface contract. I'd like to see some general language added to the
glibc docs explaining this at some point.

Rich
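
The property discussed in this message, as an added example that is not part of the original mail or of the glibc patch: a sentinel check that a bounded copy leaves every byte past the `min(strlen(src)+1, size)` bytes it must write untouched. The names `ex_strlcpy`, `ex_padding_copy` and `tail_preserved` are hypothetical, and `ex_padding_copy` is a constructed counter-example that zero-fills the rest of the buffer the way strncpy does.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Illustrative strlcpy (hypothetical, not the glibc patch): writes at most
   min(strlen(src)+1, size) bytes into dst and nothing beyond them. */
size_t ex_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);
    if (size != 0) {
        size_t n = len < size - 1 ? len : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;
}

/* Constructed counter-example: same result string, but the whole buffer
   is zero-filled first, so bytes past the terminator are clobbered. */
size_t ex_padding_copy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);
    if (size != 0) {
        size_t n = len < size - 1 ? len : size - 1;
        memset(dst, 0, size);
        memcpy(dst, src, n);
    }
    return len;
}

typedef size_t (*copy_fn)(char *, const char *, size_t);

/* Returns 1 if fn left every byte after the ones it had to write
   unchanged, 0 if it clobbered any of them (or size exceeds the buffer). */
int tail_preserved(copy_fn fn, const char *src, size_t size)
{
    unsigned char buf[64];
    if (size > sizeof buf)
        return 0;
    memset(buf, 0xA5, sizeof buf);               /* sentinel pattern */
    size_t len = fn((char *)buf, src, size);
    size_t written = size == 0 ? 0 : (len + 1 < size ? len + 1 : size);
    for (size_t i = written; i < sizeof buf; i++)
        if (buf[i] != 0xA5)
            return 0;
    return 1;
}

int main(void)
{
    printf("ex_strlcpy:      %d\n", tail_preserved(ex_strlcpy, "abc", 16));
    printf("ex_padding_copy: %d\n", tail_preserved(ex_padding_copy, "abc", 16));
    return 0;
}
```

When the source is truncated, both functions write exactly `size` bytes, so the difference only shows up when the destination is larger than the string.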

