Re: libtool-branch-2-0: add strlcat/strlcpy emulation

[Ralf Wildenhues]

* Bob Friesenhahn wrote on Sun, Dec 12, 2004 at 09:37:28PM CET:
> The attached patch adds strlcat/strlcpy emulation functions to libtool 
> branch 2.0.  These functions are added to replace dangerous 
> strcat/strncat functions in libltdl.  They are not actually used yet.
> 
> Assuming that this is ok to commit, I will prepare a similar patch for 
> HEAD.
> 
> Ok to commit?

Yes, pending only minor nits below:

> diff -N libltdl/lt__strl.c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ libltdl/lt__strl.c        12 Dec 2004 20:23:42 -0000
> @@ -0,0 +1,127 @@
> +/* lt__strl.c -- size-bounded string copying and concatenation
> +   Copyright (C) 2004 Free Software Foundation, Inc.
> +   Written by Bob Friesenhahn <address@hidden>
> +
> +   NOTE: The canonical source of this file is maintained with the
> +   GNU Libtool package.  Report bugs to address@hidden
> +
> +This library is free software; you can redistribute it and/or
> +modify it under the terms of the GNU Lesser General Public
> +License as published by the Free Software Foundation; either
> +version 2 of the License, or (at your option) any later version.
> +
> +As a special exception to the GNU Lesser General Public License,
> +if you distribute this file as part of a program or library that
> +is built using GNU libtool, you may include it under the same
> +distribution terms that you use for the rest of that program.
> +
> +This library is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> +Lesser General Public License for more details.
> +
> +You should have received a copy of the GNU Lesser General Public
> +License along with this library; if not, write to the Free Software
> +Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
> +02111-1307  USA
> +
> +*/
> +
> +#include <assert.h>
> +#include <sys/types.h>

Since we assume ANSI C89, I see no reason to include sys/types.h here.
Is there a system of interest which needs this?

> +#include <string.h>
> +
> +#include "lt__strl.h"
> +
> +/*
> + lt_strlcat appends the NULL-terminated string src to the end of dst.
> + It will append at most dstsize - strlen(dst) - 1 bytes,
> + NULL-terminating the result. The total length of the string which
> + would have been created given sufficient buffer size (may be longer
> + than dstsize) is returned.  This function substitutes for strlcat()
> + which is available under NetBSD, FreeBSD and Solaris 9.
> +
> + Buffer overflow can be checked as follows:
> +
> +   if (lt_strlcat(dst, src, dstsize) >= dstsize)
> +     return -1;
> +*/

*big snip*

> Index: libltdl/libltdl/lt__strl.h
> ===================================================================
> RCS file: libltdl/libltdl/lt__strl.h
> diff -N libltdl/libltdl/lt__strl.h
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ libltdl/libltdl/lt__strl.h        12 Dec 2004 20:23:42 -0000
> @@ -0,0 +1,50 @@
> +/* lt__strl.h -- size-bounded string copying and concatenation
> +   Copyright (C) 2004 Free Software Foundation, Inc.
> +   Written by Bob Friesenhahn <address@hidden>
> +
> +   NOTE: The canonical source of this file is maintained with the
> +   GNU Libtool package.  Report bugs to address@hidden
> +
> +This library is free software; you can redistribute it and/or
> +modify it under the terms of the GNU Lesser General Public
> +License as published by the Free Software Foundation; either
> +version 2 of the License, or (at your option) any later version.
> +
> +As a special exception to the GNU Lesser General Public License,
> +if you distribute this file as part of a program or library that
> +is built using GNU libtool, you may include it under the same
> +distribution terms that you use for the rest of that program.
> +
> +This library is distributed in the hope that it will be useful,
> +but WITHOUT ANY WARRANTY; without even the implied warranty of
> +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
> +Lesser General Public License for more details.
> +
> +You should have received a copy of the GNU Lesser General Public
> +License along with this library; if not, write to the Free Software
> +Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA
> +02111-1307  USA
> +
> +*/
> +
> +#if !defined(LT__STRL_H)
> +#define LT__STRL_H 1
> +
> +#if defined(HAVE_CONFIG_H)
> +#  include HAVE_CONFIG_H
> +#endif
> +
> +#include <sys/types.h>

Same question here.

> +#include "lt_system.h"
> +
> +#if !defined(HAVE_STRLCAT)
> +#  define strlcat(dst,src,dstsize) lt_strlcat(dst,src,dstsize)
> +LT_SCOPE size_t lt_strlcat(char *dst, const char *src, const size_t dstsize);
> +#endif /* !defined(HAVE_STRLCAT) */
> +
> +#if !defined(HAVE_STRLCPY)
> +#  define strlcpy(dst,src,dstsize) lt_strlcpy(dst,src,dstsize)
> +LT_SCOPE size_t lt_strlcpy(char *dst, const char *src, const size_t dstsize);
> +#endif /* !defined(HAVE_STRLCPY) */
> +
> +#endif /*!defined(LT__STRL_H)*/


* Albert Chin wrote on Sun, Dec 12, 2004 at 11:14:00PM CET:
> 
> I'd rather use the OpenBSD versions of these functions. Theirs has
> probably undergone more extensive testing.

libltdl seemingly also has undergone extensive testing, right?
Still I have found quite a few weak spots within the last months.

That being said:  I have looked at Bob's functions, and think they
are correct.  Something I cannot say of all of libltdl's code 
(simply because I haven't gone through all of it).

> However, is this really needed? Nothing wrong with strcat/strncat if
> you know how to use it right. No strong objections though.

Actually, for malloc'ed buffers I'd use memcpy only, as *cat is a waste.
But there's a readability price to pay.

Regards,
Ralf