From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from ams.source.kernel.org (ams.source.kernel.org [IPv6:2604:1380:4601:e00::1]) by sourceware.org (Postfix) with ESMTPS id C26723858C41 for ; Wed, 8 Nov 2023 19:40:22 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org C26723858C41 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=kernel.org Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=kernel.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org C26723858C41 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2604:1380:4601:e00::1 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1699472424; cv=none; b=x7Jiuzpu3bPyfO+cxUUDVRKQNb6iVagcYRGNbyCDpho7idmPQIRitWTVCdHDWW4ogIxDjg8OAJHBilnKO16p5iFlOKQWpzFueC9p5XDDmBP3AEOy6YJ10dxfIVa+gqqvw3IEz+UD6NvR+i6CoWeLRfDSW8lfqgCBWaZ3spTinfw= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1699472424; c=relaxed/simple; bh=g/O4IsfcpRUSX8xvC/91XOK6wTa639yymYbVeRCdUlI=; h=DKIM-Signature:Date:From:To:Subject:Message-ID:MIME-Version; b=eNqWzGm4FI4UeFr6DUBEWSKNe0xVF4V9jtA+ZiXFxzvMZzPpJ3Znk0uBCFCoskq6Yy08KhfsDy1BSJiFA/q4cIDElARfqeIOnyCe4xl5zPVvhfDBNT0C9oaX8W+xJcATnfyG3evwlV+Ujnjqk6FvPxnxe7SK2vkx4lLXuQB59rQ= ARC-Authentication-Results: i=1; server2.sourceware.org Received: from smtp.kernel.org (transwarp.subspace.kernel.org [100.75.92.58]) by ams.source.kernel.org (Postfix) with ESMTP id BDAF4B81E69; Wed, 8 Nov 2023 19:40:21 +0000 (UTC) Received: by smtp.kernel.org (Postfix) with ESMTPSA id 1F7F1C433C8; Wed, 8 Nov 2023 19:40:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=kernel.org; s=k20201202; t=1699472421; bh=g/O4IsfcpRUSX8xvC/91XOK6wTa639yymYbVeRCdUlI=; h=Date:From:To:Cc:Subject:References:In-Reply-To:From; b=Crx5EViDdDM3jNobaR4KcaLTf/rFBsF4z1AV8FIx4K6EGL8fUsRDqyQs9iney5Jnv BZiJBuaw+jvqAdOXj0tgFvrjwkdbKoCr6FP3LtDEFELtQz3gvj2Vylu4zSfjV/EVRv oA/QHiE8l/DoaSLYCNH12I7qhO6hmSIAfZZJjgEg7NOB2b66i7xq2nFdc8CMVVoMHP neoY/pUOYQbGcX+KNddmrIVrdYcueqDGZr9bkKqlbSo2yyhgxsFl13SYKRpHJPyK85 eiRWABYaWIKYaU8ZvIblwvzeGTTKptsRAj915JA+CUL6B/f81mCLXuRB+uQIq9fn3G hM0/uSYdXsYtQ== Date: Wed, 8 Nov 2023 20:40:17 +0100 From: Alejandro Colomar To: DJ Delorie Cc: libc-alpha@sourceware.org, jg@jguk.org, linux-man@vger.kernel.org Subject: Re: strncpy clarify result may not be null terminated Message-ID: References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha512; protocol="application/pgp-signature"; boundary="CifgPo3h7l75DdWM" Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-3.9 required=5.0 tests=BAYES_00,DKIMWL_WL_HIGH,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: --CifgPo3h7l75DdWM Content-Type: text/plain; protected-headers=v1; charset=utf-8 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Date: Wed, 8 Nov 2023 20:40:17 +0100 From: Alejandro Colomar To: DJ Delorie Cc: libc-alpha@sourceware.org, jg@jguk.org, linux-man@vger.kernel.org Subject: Re: strncpy clarify result may not be null terminated Hi DJ, On Wed, Nov 08, 2023 at 02:04:45PM -0500, DJ Delorie wrote: > Alejandro Colomar writes: > > strncpy(3) is useful to write to fixed-width buffers like `struct utmp` > > and `struct utmpx`. Is there any other libc API that needs strncpy(3)? >=20 > Let's not limit ourselves to glibc APIs. Tar format, for example, uses > fixed length fields (and my bet is that strncpy was created for it) yet > tar is not part of glibc. >=20 > IMHO the solution here is to document strncpy with sufficiently obvious > intent that it is NOT a length-limited strcpy (i.e. strlcpy) and should > ONLY be used for its intended purpose (filling a space-padded but not > null-terminated field) Indeed. That's what I did (I think). DESCRIPTION These functions copy the string pointed to by src into a null=E2=80= =90 padded character sequence at the fixed=E2=80=90width buffer pointed to= by dst. If the destination buffer, limited by its size, isn=E2=80=99t la= rge enough to hold the copy, the resulting character sequence is truncated. =2E.. CAVEATS The name of these functions is confusing. These functions pro=E2=80= =90 duce a null=E2=80=90padded character sequence, not a string (= see string_copying(7)). It=E2=80=99s impossible to distinguish truncation by the result of = the call, from a character sequence that just fits the destination buffer; truncation should be detected by comparing the length of the input string with the size of the destination buffer. I refuse to add any hints that strncpy(3) is good for copying strings. >=20 > It is not documentation's purpose to limit programmer's creativity, just > to give them an accurate representation of what the functions do. Thanks! Cheers, Alex --=20 --CifgPo3h7l75DdWM Content-Type: application/pgp-signature; name="signature.asc" -----BEGIN PGP SIGNATURE----- iQIzBAABCgAdFiEE6jqH8KTroDDkXfJAnowa+77/2zIFAmVL5CEACgkQnowa+77/ 2zLhyg/+KPCMNU2aJsvORbDSZupzyKOyva3458KAYubaxsq16mGZVPfm98eyRiJg NMiWfCl81FCCgJ8bSSutVsjyD/JwY23snTW1+5gftdq5t003ZtrNFAoRFd2RCQiu mXsvhUcL8F/zYypwrNb2OFuN/lZyvlDk4G/zviMXW+49hdndN7Y6XhehXivoEDFK Pvjx0nPHLvszaiqc9Mbmk51DjBgfYC7VMEgcvdBR+wG+teqOZyiDHKjs0zxfvJIm 24w+22YHlinNVvBpC1KTsgLv9sfr/4BYJ/AOyw1f+gtKiQadhBmOOZ3EG97g/Rfh CcGo/yFHyYPjOMLChllkel+CaaCo/3KUMU40E2f/JvVCQIfGwSYtvG4Bi85V7hFJ nvA3OAP2fHHs4OfgDM8Vql60fE3dCSQWi7mhAG3VXgrTILYmhwluufVY7b/nS2IN ee0drXi7+i3i6nL0ip4CKRJ/ruw4Pf/4KOgj47HSZAN6nJdQFd1wXWabFfGviTWq mNbcXpp6lx2/APsjVSS4qOOBnG/gjL9BlTRsp/uwRqk+edWxuOomYynEzBiyFR8g /Ek1E6RsoVJbTfOQlx/iFSL7aqK+bnFpxrS36eI9tex1KPMzIpbL1msEvQ8CnQpt iALuTcpoW4EZYAf1vUF7B41kC+w4MdoQT5vHShmRHgSgHS1Eq54= =/SZS -----END PGP SIGNATURE----- --CifgPo3h7l75DdWM--