This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.
Re: [PATCH] Implement strlcat [BZ#178]
- From: Paul Eggert <eggert at cs dot ucla dot edu>
- To: Florian Weimer <fweimer at redhat dot com>, GNU C Library <libc-alpha at sourceware dot org>
- Date: Fri, 4 Dec 2015 11:06:58 -0800
- Subject: Re: [PATCH] Implement strlcat [BZ#178]
- Authentication-results: sourceware.org; auth=none
- References: <56547472 dot 3010302 at redhat dot com>
On 11/24/2015 06:30 AM, Florian Weimer wrote:
+
+ /* The sum cannot wrap around because both strings would be larger
+ than half of the address space, which is not possible due to
+ the restrict qualifier. */
+ return dest_length + src_length;
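Review bot: The comment above `return dest_length + src_length;` states the wrap condition as both strings being larger than half of the address space, but the sum wraps as soon as the two lengths together exceed the range of the result type, which can happen with only one of them above half. The argument that holds is that two non-overlapping strings, with their terminators, cannot together occupy more than the address space. Suggest wording the comment that way, for example "the two strings together would be larger than the address space".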
This comment assumes that the address space is flat, e.g., that
uintptr_t is the same width as size_t. Is this a safe assumption? I
can't seem to find that assumption documented anywhere. Anyway, assuming
the assumption is safe, I suggest mentioning it here, e.g.:
/* The sum cannot wrap around because both strings would be larger
than half of the address space, which is not possible because of
the restrict qualifier and because glibc assumes a flat address
space. */
I noticed this assumption while preparing a revision to the proposed
strlcpy+strlcat manual entries, and my next proposal will be based on
this assumption.
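The assumption discussed in this message can be written down as a compile-time check next to the length sum. The following is an added example, not code from the patch or from glibc; `example_strlcat` and `length_sum` are hypothetical names, and saturating to SIZE_MAX on wraparound is a choice made for this example only.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* The assumption from the thread, made explicit: size_t spans the same
   range as uintptr_t, i.e. the address space is flat.  Compilation fails
   on a target where this does not hold. */
_Static_assert(SIZE_MAX == UINTPTR_MAX, "address space is not flat");

/* Hypothetical helper: a + b, or SIZE_MAX if the sum would wrap. */
static size_t length_sum(size_t a, size_t b)
{
    return a > SIZE_MAX - b ? SIZE_MAX : a + b;
}

/* Illustrative strlcat-style function, not glibc's implementation.
   Appends src to dest without writing past dest[size - 1] and returns
   the length the full concatenation would have. */
size_t example_strlcat(char *restrict dest, const char *restrict src,
                       size_t size)
{
    size_t src_length = strlen(src);
    const char *end = memchr(dest, '\0', size);

    /* No terminator within size bytes: dest is left untouched. */
    if (end == NULL)
        return length_sum(size, src_length);

    size_t dest_length = (size_t) (end - dest);
    size_t room = size - dest_length - 1;   /* bytes left before the NUL */
    size_t to_copy = src_length < room ? src_length : room;

    memcpy(dest + dest_length, src, to_copy);
    dest[dest_length + to_copy] = '\0';

    /* Both operands are lengths of distinct, non-overlapping strings, so
       under the assumption asserted above the helper never saturates. */
    return length_sum(dest_length, src_length);
}
```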