From: Florian Weimer
To: Paul Eggert
Cc: libc-alpha@sourceware.org
Subject: Re: [PATCH 1/2] Implement strlcpy and strlcat [BZ #178]
Date: Thu, 13 Apr 2023 13:37:12 +0200
In-Reply-To: (Paul Eggert's message of "Sun, 9 Apr 2023 08:29:50 -0700")

* Paul Eggert:

> +The behavior is undefined if @var{to} or @var{from} is a null pointer,
> +or if the destination array's size is both less than @var{size} and
> +less than or equal to the length of the string @var{from}, or if
> +the string @var{from} overlaps the result (that is, if @var{from}
> +overlaps the first @samp{MIN (@var{size}, strlen (@var{from}) + 1)}
> +bytes of the the destination array @var{to}).

This makes it defined to call strlcpy with an incorrect (too small)
destination buffer size as long as the source string is short enough.
Is this really necessary?

The fortified implementation checks the destination buffer size
unconditionally (like we do for other functions), and it does not match
this documentation as a result.

Thanks,
Florian
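
Review bot: The second condition in the quoted hunk ("both less than @var{size} and less than or equal to the length of the string @var{from}") makes undefinedness depend on the source length, so a call whose @var{size} exceeds the real destination array stays defined whenever @var{from} happens to be short. If callers are meant to pass a size that never exceeds the destination, say so directly ("if the destination array's size is less than @var{size}"), which would also agree with a check on the size alone, as the reply describes for the fortified implementation. Separately, the last added line has a doubled word: "bytes of the the destination array".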
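
The mismatch raised in the reply, as an added C example that is not part of the original message or of the glibc patch. All function names are hypothetical, and `dst_cap` is an assumed stand-in for the real destination size that a fortified build would know.

```c
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

/* Reference strlcpy semantics: copy at most size-1 bytes, NUL-terminate
   when size > 0, return strlen(src). Hypothetical name, so it does not
   clash with a libc that already provides strlcpy. */
static size_t my_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);
    if (size > 0) {
        size_t n = len < size - 1 ? len : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;
}

/* Rule as worded in the quoted documentation: undefined only if the
   destination is both smaller than size and no larger than strlen(src). */
static bool defined_per_doc(size_t dst_cap, const char *src, size_t size)
{
    return !(dst_cap < size && dst_cap <= strlen(src));
}

/* Rule the reply attributes to the fortified implementation: size must
   never exceed the destination capacity, whatever src contains. */
static bool defined_unconditional(size_t dst_cap, size_t size)
{
    return size <= dst_cap;
}

/* Copy only when the unconditional rule holds; false means rejected. */
static bool checked_strlcpy(char *dst, size_t dst_cap, const char *src,
                            size_t size, size_t *ret)
{
    if (!defined_unconditional(dst_cap, size))
        return false;
    *ret = my_strlcpy(dst, src, size);
    return true;
}

int main(void)
{
    char buf[8];   /* constructed sample: 8-byte buffer, caller claims 64 */
    size_t r = 0;
    printf("doc rule: %d, unconditional rule: %d, copied: %d\n",
           defined_per_doc(sizeof buf, "short", 64),
           defined_unconditional(sizeof buf, 64),
           checked_strlcpy(buf, sizeof buf, "short", 64, &r));
    return 0;
}
```
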