Joerg Schilling writes:
> > How's that?
> 
> This is a conclusion from the C standard....

I should have been more explicit.  It seemed like a strange place for
a comment like this.

> > that:
> >
> >    strcatl(char *to, size_t tolen, ...)
> >
> > but, then, that calls the return value into question.  The return
> > value probably shouldn't be a pointer to the "last" char if a bounded
> > output array is supplied because it then becomes impossible for the
> > caller to detect overflow.
> 
> Could you explain this please?

One may check for overflow of the target buffer (and thus truncation
of the result) using strlcat(3C) like this:

        if (strlcat(dst, src, dstsize) >= dstsize)
                string_is_too_big();

The same works well with snprintf.  With the formulation of strcatl
you've proposed, it's not possible to check for this error condition
in any reasonable way following the call.  The user must do something
like this instead:

        if (strlen(dst) + strlen(src) >= dstsize)
                string_is_too_big();
        (void) strcatl(dst, src, (char *)NULL);

... and that seems unfortunate to me.

Joerg Schilling writes:
> James Carlson <[EMAIL PROTECTED]> wrote:
> 
> > Alan Coopersmith writes:
> > > Also, as I noted on IRC, strlcat() is close to this, and much safer.
> >
> > snprintf is simpler still and just as safe.
> 
> This does not work in case the call to strlcat() would be done from
> within a loop.

Seems to work fine for me:

        remlen = dstsize;
        while (--things >= 0) {
                seuss(&thing1, &thing2);
                added = snprintf(dst, remlen, "%s and %s", thing1, thing2);
                if (added >= remlen)
                        too_many_things();
                dst += added;
                remlen -= added;
        }

I think you're considering something like:

        while (--things >= 0) {
                seuss(&thing1, &thing2);
                if (strlcat(dst, thing1, dstsize) >= dstsize)
                        too_many_things();
                if (strlcat(dst, " and ", dstsize) >= dstsize)
                        too_many_things();
                if (strlcat(dst, thing2, dstsize) >= dstsize)
                        too_many_things();
        }

... but I don't see how that's necessarily more usable, maintainable,
or flexible.

-- 
James Carlson, KISS Network                    <[EMAIL PROTECTED]>
Sun Microsystems / 1 Network Drive         71.232W   Vox +1 781 442 2084
MS UBUR02-212 / Burlington MA 01803-2757   42.496N   Fax +1 781 442 1677
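
The two points argued in the message above, as an added example that is not part of the original post: a bounded append that returns an end pointer cannot tell an exact fit from truncation, while a strlcat-style length can, and snprintf's return value supports the same check inside a loop. The names `cat_ptr`, `cat_len` and `join_pairs` are hypothetical, `cat_ptr` is a one-source stand-in for the proposed bounded strcatl, and the sample strings are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for a bounded strcatl with one source string:
 * returns a pointer to the terminating NUL. Assumes dst is already
 * NUL-terminated within dstsize (so dstsize >= 1). */
char *cat_ptr(char *dst, size_t dstsize, const char *src)
{
    size_t used = strlen(dst), n = strlen(src);
    size_t room = dstsize - used - 1;   /* bytes free before the NUL */

    if (n > room)
        n = room;                       /* silent truncation */
    memcpy(dst + used, src, n);
    dst[used + n] = '\0';
    return dst + used + n;
}

/* Same copy, strlcat-style return: the length the untruncated result
 * would have had, so a value >= dstsize signals truncation. */
size_t cat_len(char *dst, size_t dstsize, const char *src)
{
    size_t total = strlen(dst) + strlen(src);

    (void) cat_ptr(dst, dstsize, src);
    return total;
}

/* snprintf in a loop, tracking remaining space as in the message above.
 * Returns 0 on success, -1 on truncation or an snprintf error. */
int join_pairs(char *dst, size_t dstsize, const char *pairs[][2], int npairs)
{
    size_t remlen = dstsize;

    for (int i = 0; i < npairs; i++) {
        int added = snprintf(dst, remlen, "%s and %s;", pairs[i][0], pairs[i][1]);
        if (added < 0 || (size_t)added >= remlen)
            return -1;
        dst += added;
        remlen -= (size_t)added;
    }
    return 0;
}

int main(void)
{
    char fit[8] = "abc", cut[8] = "abc";   /* constructed sample input */
    printf("ptr offsets: %td %td\n", cat_ptr(fit, 8, "defg") - fit, cat_ptr(cut, 8, "defgh") - cut);
    return 0;
}
```

Both calls in `main` report the same end offset even though the second source string lost its last byte, which is the ambiguity the pointer return leaves the caller with.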