This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Re: [PATCH v7] Implement strlcpy, strlcat [BZ #178]
- From: Florian Weimer <fweimer at redhat dot com>
- To: Paul Eggert <eggert at cs dot ucla dot edu>
- Cc: GNU C Library <libc-alpha at sourceware dot org>
- Date: Thu, 7 Jan 2016 11:43:37 +0100
- Subject: Re: [PATCH v7] Implement strlcpy, strlcat [BZ #178]
- Authentication-results: sourceware.org; auth=none
- References: <5682DD7E dot 6000301 at redhat dot com> <56839678 dot 8040304 at cs dot ucla dot edu> <568ADC5F dot 5010608 at redhat dot com> <568B1587 dot 4030905 at cs dot ucla dot edu> <568C08E1 dot 2010604 at redhat dot com> <568C3ED3 dot 1090405 at cs dot ucla dot edu> <568C50F0 dot 2010402 at redhat dot com> <568C6DB0 dot 9030600 at cs dot ucla dot edu>
On 01/06/2016 02:28 AM, Paul Eggert wrote:
> Florian Weimer wrote:
>> I see the value as a post-condition, but I felt that your wording was
>> using the post-condition as a way to specify a pre-condition an
>> application has to adhere to, which I think is misleading.
>
> Perhaps we can think of a way to reword it that is not so misleading.
> The postcondition that the output is always null-terminated, together
> with the constraint that the output fits within the size, means that the
> size is nonzero. Perhaps add "Requiring @var{size} to be nonzero
> guarantees space to null-terminate the destination."?
I think you wanted size 0 to be undefined in the documentation? If we
do that, we can simplify the description.
(It is meaningless to discuss behavior of a function which is called
when its preconditions does not hold. If it appears to make sense to
add something like this to a specification, it means that the
preconditions have not been described correctly.)
Florian