diff options
author | ajs <ajs> | 2005-04-02 18:48:39 +0000 |
---|---|---|
committer | ajs <ajs> | 2005-04-02 18:48:39 +0000 |
commit | 851adbd947692bab9985e08865330d75c56ff253 (patch) | |
tree | 3295c305da371df1c12398b7e68a9677ddc38b55 | |
parent | d2fc88962a9a494ecb34167871bb9e7273a25d33 (diff) |
2005-04-02 Andrew J. Schorr <ajschorr@alumni.princeton.edu>
* str.c: Replace strlcpy and strlcat with actual working versions
copied from rsync-2.6.2/lib/compat.c.
-rw-r--r-- | lib/ChangeLog | 5 | ||||
-rw-r--r-- | lib/str.c | 72 |
2 files changed, 52 insertions, 25 deletions
diff --git a/lib/ChangeLog b/lib/ChangeLog index 8aaf3829..c372e66c 100644 --- a/lib/ChangeLog +++ b/lib/ChangeLog @@ -1,5 +1,10 @@ 2005-04-02 Andrew J. Schorr <ajschorr@alumni.princeton.edu> + * str.c: Replace strlcpy and strlcat with actual working versions + copied from rsync-2.6.2/lib/compat.c. + +2005-04-02 Andrew J. Schorr <ajschorr@alumni.princeton.edu> + * if.h: Remove define for IFINDEX_INTERNBASE and add define IFINDEX_INTERNAL 0, since all internal (i.e. non-kernel) pseudo- interfaces should have ifindex set to 0. @@ -1,11 +1,19 @@ /* * zebra string function * - * these functions are just very basic wrappers around exiting ones and - * do not offer the protection that might be expected against buffer - * overruns etc + * XXX This version of snprintf does not check bounds! */ +/* + The implementations of strlcpy and strlcat are copied from rsync (GPL): + Copyright (C) Andrew Tridgell 1998 + Copyright (C) 2002 by Martin Pool + + Note that these are not terribly efficient, since they make more than one + pass over the argument strings. At some point, they should be optimized. +*/ + + #include <zebra.h> #ifndef HAVE_SNPRINTF @@ -25,37 +33,51 @@ snprintf(char *str, size_t size, const char *format, ...) #endif #ifndef HAVE_STRLCPY -/* - * strlcpy is a safer version of strncpy(), checking the total - * size of the buffer - */ +/** + * Like strncpy but does not 0 fill the buffer and always null + * terminates. + * + * @param bufsize is the size of the destination buffer. + * + * @return index of the terminating byte. + **/ size_t -strlcpy(char *dst, const char *src, size_t size) +strlcpy(char *d, const char *s, size_t bufsize) { - strncpy(dst, src, size); - - return (strlen(dst)); + size_t len = strlen(s); + size_t ret = len; + if (bufsize > 0) { + if (len >= bufsize) + len = bufsize-1; + memcpy(d, s, len); + d[len] = 0; + } + return ret; } #endif #ifndef HAVE_STRLCAT -/* - * strlcat is a safer version of strncat(), checking the total - * size of the buffer - */ +/** + * Like strncat() but does not 0 fill the buffer and always null + * terminates. + * + * @param bufsize length of the buffer, which should be one more than + * the maximum resulting string length. + **/ size_t -strlcat(char *dst, const char *src, size_t size) +strlcat(char *d, const char *s, size_t bufsize) { - /* strncpy(dst, src, size - strlen(dst)); */ - - /* I've just added below code only for workable under Linux. So - need rewrite -- Kunihiro. */ - if (strlen (dst) + strlen (src) >= size) - return -1; - - strcat (dst, src); + size_t len1 = strlen(d); + size_t len2 = strlen(s); + size_t ret = len1 + len2; - return (strlen(dst)); + if (len1 < bufsize - 1) { + if (len2 >= bufsize - len1) + len2 = bufsize - len1 - 1; + memcpy(d+len1, s, len2); + d[len1+len2] = 0; + } + return ret; } #endif |