From patchwork Thu Apr 20 12:28:16 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 68061 X-Patchwork-Delegate: siddhesh@gotplt.org Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 8D02C3858C83 for ; Thu, 20 Apr 2023 12:29:22 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 8D02C3858C83 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1681993762; bh=S5UVrAOmyMGmLE+qb4SFi0GjnUAVjAiChYAiyvpZWXU=; h=To:Subject:In-Reply-To:References:Date:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=bXOj0c454m1hNZWjSwCwEk0qm2/Xw3UesYFkecYkBZqttiI3OUoQli6Tzr5hCm/kM YtGNkGjkdD08WnZ39tEKYKKU/xl1So3Xf2A4x7+P8L5aOtbsyQHZXxMxDJNO4IybHu H4o2qbHHpO/XZqs5pGyFuw2wpj3zTWYT3jOoZDFE= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id A6D0A385842D for ; Thu, 20 Apr 2023 12:28:20 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org A6D0A385842D Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-313-m819MVGqOta4rkpownuIrQ-1; Thu, 20 Apr 2023 08:28:19 -0400 X-MC-Unique: m819MVGqOta4rkpownuIrQ-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id C8545185A790 for ; Thu, 20 Apr 2023 12:28:18 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.2.16.5]) by smtp.corp.redhat.com (Postfix) with ESMTPS id BA86B4020BF0 for ; Thu, 20 Apr 2023 12:28:17 +0000 (UTC) To: libc-alpha@sourceware.org Subject: [PATCH v2 1/3] Implement strlcpy and strlcat [BZ #178] In-Reply-To: References: X-From-Line: 89f7819d31a734d4e9d5b44a1be04e69b825499e Mon Sep 17 00:00:00 2001 Message-Id: <89f7819d31a734d4e9d5b44a1be04e69b825499e.1681993374.git.fweimer@redhat.com> Date: Thu, 20 Apr 2023 14:28:16 +0200 User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-10.5 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Florian Weimer via Libc-alpha From: Florian Weimer Reply-To: Florian Weimer Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" These functions are about to be added to POSIX, under Austin Group issue 986. The fortified strlcat implementation does not raise SIGABRT if the destination buffer does not contain a null terminator, it just inheritis the non-failing regular strlcat behavior. Reviewed-by: Siddhesh Poyarekar --- NEWS | 3 + debug/Makefile | 2 + debug/Versions | 4 + debug/strlcat_chk.c | 31 +++++++ debug/strlcpy_chk.c | 31 +++++++ debug/tst-fortify.c | 31 +++++++ include/string.h | 4 + string/Makefile | 4 + string/Versions | 4 + string/bits/string_fortified.h | 36 ++++++++ string/string.h | 13 +++ string/strlcat.c | 59 +++++++++++++ string/strlcpy.c | 46 ++++++++++ string/tst-strlcat.c | 84 +++++++++++++++++++ string/tst-strlcpy.c | 68 +++++++++++++++ sysdeps/mach/hurd/i386/libc.abilist | 4 + sysdeps/unix/sysv/linux/aarch64/libc.abilist | 4 + sysdeps/unix/sysv/linux/alpha/libc.abilist | 4 + sysdeps/unix/sysv/linux/arc/libc.abilist | 4 + sysdeps/unix/sysv/linux/arm/be/libc.abilist | 4 + sysdeps/unix/sysv/linux/arm/le/libc.abilist | 4 + sysdeps/unix/sysv/linux/csky/libc.abilist | 4 + sysdeps/unix/sysv/linux/hppa/libc.abilist | 4 + sysdeps/unix/sysv/linux/i386/libc.abilist | 4 + sysdeps/unix/sysv/linux/ia64/libc.abilist | 4 + .../sysv/linux/loongarch/lp64/libc.abilist | 4 + .../sysv/linux/m68k/coldfire/libc.abilist | 4 + .../unix/sysv/linux/m68k/m680x0/libc.abilist | 4 + .../sysv/linux/microblaze/be/libc.abilist | 4 + .../sysv/linux/microblaze/le/libc.abilist | 4 + .../sysv/linux/mips/mips32/fpu/libc.abilist | 4 + .../sysv/linux/mips/mips32/nofpu/libc.abilist | 4 + .../sysv/linux/mips/mips64/n32/libc.abilist | 4 + .../sysv/linux/mips/mips64/n64/libc.abilist | 4 + sysdeps/unix/sysv/linux/nios2/libc.abilist | 4 + sysdeps/unix/sysv/linux/or1k/libc.abilist | 4 + .../linux/powerpc/powerpc32/fpu/libc.abilist | 4 + .../powerpc/powerpc32/nofpu/libc.abilist | 4 + .../linux/powerpc/powerpc64/be/libc.abilist | 4 + .../linux/powerpc/powerpc64/le/libc.abilist | 4 + .../unix/sysv/linux/riscv/rv32/libc.abilist | 4 + .../unix/sysv/linux/riscv/rv64/libc.abilist | 4 + .../unix/sysv/linux/s390/s390-32/libc.abilist | 4 + .../unix/sysv/linux/s390/s390-64/libc.abilist | 4 + sysdeps/unix/sysv/linux/sh/be/libc.abilist | 4 + sysdeps/unix/sysv/linux/sh/le/libc.abilist | 4 + .../sysv/linux/sparc/sparc32/libc.abilist | 4 + .../sysv/linux/sparc/sparc64/libc.abilist | 4 + .../unix/sysv/linux/x86_64/64/libc.abilist | 4 + .../unix/sysv/linux/x86_64/x32/libc.abilist | 4 + 50 files changed, 560 insertions(+) create mode 100644 debug/strlcat_chk.c create mode 100644 debug/strlcpy_chk.c create mode 100644 string/strlcat.c create mode 100644 string/strlcpy.c create mode 100644 string/tst-strlcat.c create mode 100644 string/tst-strlcpy.c diff --git a/NEWS b/NEWS index 83d082afad..b21c4c10aa 100644 --- a/NEWS +++ b/NEWS @@ -21,6 +21,9 @@ Major new features: * PRIb* and PRIB* macros from C2X have been added to . +* The strlcpy and strlcat functions have been added. They are derived + from OpenBSD, and are expected to be added to a future POSIX version. + Deprecated and removed features, and other changes affecting compatibility: * In the Linux kernel for the hppa/parisc architecture some of the diff --git a/debug/Makefile b/debug/Makefile index a8b4036cdc..f5f27f793c 100644 --- a/debug/Makefile +++ b/debug/Makefile @@ -83,6 +83,8 @@ routines = \ stpncpy_chk \ strcat_chk \ strcpy_chk \ + strlcat_chk \ + strlcpy_chk \ strncat_chk \ strncpy_chk \ swprintf_chk \ diff --git a/debug/Versions b/debug/Versions index a6628db356..94dfa5f428 100644 --- a/debug/Versions +++ b/debug/Versions @@ -58,6 +58,10 @@ libc { GLIBC_2.25 { __explicit_bzero_chk; } + GLIBC_2.38 { + __strlcat_chk; + __strlcpy_chk; + } GLIBC_PRIVATE { __fortify_fail; } diff --git a/debug/strlcat_chk.c b/debug/strlcat_chk.c new file mode 100644 index 0000000000..888a62fad5 --- /dev/null +++ b/debug/strlcat_chk.c @@ -0,0 +1,31 @@ +/* Fortified version of strlcat. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +/* Check that the user-supplied size does not exceed the + compiler-determined size, and then forward to strlcat. */ +size_t +__strlcat_chk (char *__restrict s1, const char *__restrict s2, + size_t n, size_t s1len) +{ + if (__glibc_unlikely (s1len < n)) + __chk_fail (); + + return __strlcat (s1, s2, n); +} diff --git a/debug/strlcpy_chk.c b/debug/strlcpy_chk.c new file mode 100644 index 0000000000..768a3af686 --- /dev/null +++ b/debug/strlcpy_chk.c @@ -0,0 +1,31 @@ +/* Fortified version of strlcpy. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +/* Check that the user-supplied size does not exceed the + compiler-determined size, and then forward to strlcpy. */ +size_t +__strlcpy_chk (char *__restrict s1, const char *__restrict s2, + size_t n, size_t s1len) +{ + if (__glibc_unlikely (s1len < n)) + __chk_fail (); + + return __strlcpy (s1, s2, n); +} diff --git a/debug/tst-fortify.c b/debug/tst-fortify.c index 7850a4e558..f74a5e04dc 100644 --- a/debug/tst-fortify.c +++ b/debug/tst-fortify.c @@ -535,6 +535,20 @@ do_test (void) strncpy (a.buf1 + (O + 6), "X", l0 + 4); CHK_FAIL_END + CHK_FAIL_START + strlcpy (a.buf1 + (O + 6), "X", 4); + CHK_FAIL_END + + CHK_FAIL_START + strlcpy (a.buf1 + (O + 6), "X", l0 + 4); + CHK_FAIL_END + + { + char *volatile buf2 = buf; + if (strlcpy (buf2, "a", sizeof (buf) + 1) != 1) + FAIL (); + } + # if !defined __cplusplus || defined __va_arg_pack CHK_FAIL_START sprintf (a.buf1 + (O + 7), "%d", num1); @@ -558,6 +572,23 @@ do_test (void) CHK_FAIL_START strncat (a.buf1, "ZYXWV", l0 + 3); CHK_FAIL_END + + memset (a.buf1, 0, sizeof (a.buf1)); + CHK_FAIL_START + strlcat (a.buf1 + (O + 6), "X", 4); + CHK_FAIL_END + + memset (a.buf1, 0, sizeof (a.buf1)); + CHK_FAIL_START + strlcat (a.buf1 + (O + 6), "X", l0 + 4); + CHK_FAIL_END + + { + buf[0] = '\0'; + char *volatile buf2 = buf; + if (strlcat (buf2, "a", sizeof (buf) + 1) != 1) + FAIL (); + } #endif diff --git a/include/string.h b/include/string.h index 673cfd7272..0c78ad2539 100644 --- a/include/string.h +++ b/include/string.h @@ -88,6 +88,10 @@ libc_hidden_proto (__stpcpy) # define __stpcpy(dest, src) __builtin_stpcpy (dest, src) #endif libc_hidden_proto (__stpncpy) +extern __typeof (strlcpy) __strlcpy; +libc_hidden_proto (__strlcpy) +extern __typeof (strlcat) __strlcat; +libc_hidden_proto (__strlcat) libc_hidden_proto (__rawmemchr) libc_hidden_proto (__strcasecmp) libc_hidden_proto (__strcasecmp_l) diff --git a/string/Makefile b/string/Makefile index c84b49aaa5..c746ee1792 100644 --- a/string/Makefile +++ b/string/Makefile @@ -92,6 +92,8 @@ routines := \ strerrorname_np \ strfry \ string-inlines \ + strlcat \ + strlcpy \ strlen \ strncase \ strncase_l \ @@ -175,6 +177,8 @@ tests := \ tst-inlcall \ tst-memmove-overflow \ tst-strfry \ + tst-strlcat \ + tst-strlcpy \ tst-strlen \ tst-strtok \ tst-strtok_r \ diff --git a/string/Versions b/string/Versions index 864c4cf7a4..c56e372a3c 100644 --- a/string/Versions +++ b/string/Versions @@ -92,4 +92,8 @@ libc { GLIBC_2.35 { __memcmpeq; } + GLIBC_2.38 { + strlcat; + strlcpy; + } } diff --git a/string/bits/string_fortified.h b/string/bits/string_fortified.h index 9900df6104..23ef064168 100644 --- a/string/bits/string_fortified.h +++ b/string/bits/string_fortified.h @@ -139,4 +139,40 @@ __NTH (strncat (char *__restrict __dest, const char *__restrict __src, __glibc_objsize (__dest)); } +#ifdef __USE_MISC +extern size_t __strlcpy_chk (char *__dest, const char *__src, size_t __n, + size_t __destlen) __THROW; +extern size_t __REDIRECT_NTH (__strlcpy_alias, + (char *__dest, const char *__src, size_t __n), + strlcpy); + +__fortify_function size_t +__NTH (strlcpy (char *__restrict __dest, const char *__restrict __src, + size_t __n)) +{ + if (__glibc_objsize (__dest) != (size_t) -1 + && (!__builtin_constant_p (__n > __glibc_objsize (__dest)) + || __n > __glibc_objsize (__dest))) + return __strlcpy_chk (__dest, __src, __n, __glibc_objsize (__dest)); + return __strlcpy_alias (__dest, __src, __n); +} + +extern size_t __strlcat_chk (char *__dest, const char *__src, size_t __n, + size_t __destlen) __THROW; +extern size_t __REDIRECT_NTH (__strlcat_alias, + (char *__dest, const char *__src, size_t __n), + strlcat); + +__fortify_function size_t +__NTH (strlcat (char *__restrict __dest, const char *__restrict __src, + size_t __n)) +{ + if (__glibc_objsize (__dest) != (size_t) -1 + && (!__builtin_constant_p (__n > __glibc_objsize (__dest)) + || __n > __glibc_objsize (__dest))) + return __strlcat_chk (__dest, __src, __n, __glibc_objsize (__dest)); + return __strlcat_alias (__dest, __src, __n); +} +#endif /* __USE_MISC */ + #endif /* bits/string_fortified.h */ diff --git a/string/string.h b/string/string.h index 4927879ecf..c0773d11d8 100644 --- a/string/string.h +++ b/string/string.h @@ -501,6 +501,19 @@ extern char *stpncpy (char *__restrict __dest, __THROW __nonnull ((1, 2)); #endif +#ifdef __USE_MISC +/* Copy at most N - 1 characters from SRC to DEST. */ +extern size_t strlcpy (char *__restrict __dest, + const char *__restrict __src, size_t __n) + __THROW __nonnull ((1, 2)) __attr_access ((__write_only__, 1, 3)); + +/* Append SRC to DEST, possibly with truncation to keep the total size + below N. */ +extern size_t strlcat (char *__restrict __dest, + const char *__restrict __src, size_t __n) + __THROW __nonnull ((1, 2)) __attr_access ((__read_write__, 1, 3)); +#endif + #ifdef __USE_GNU /* Compare S1 and S2 as strings holding name & indices/version numbers. */ extern int strverscmp (const char *__s1, const char *__s2) diff --git a/string/strlcat.c b/string/strlcat.c new file mode 100644 index 0000000000..dce4c255d1 --- /dev/null +++ b/string/strlcat.c @@ -0,0 +1,59 @@ +/* Append a null-terminated string to another string, with length checking. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include + +size_t +__strlcat (char *__restrict dest, const char *__restrict src, size_t size) +{ + size_t src_length = strlen (src); + + /* Our implementation strlcat supports dest == NULL if size == 0 + (for consistency with snprintf and strlcpy), but strnlen does + not, so we have to cover this case explicitly. */ + if (size == 0) + return src_length; + + size_t dest_length = __strnlen (dest, size); + if (dest_length != size) + { + /* Copy at most the remaining number of characters in the + destination buffer. Leave for the NUL terminator. */ + size_t to_copy = size - dest_length - 1; + /* But not more than what is available in the source string. */ + if (to_copy > src_length) + to_copy = src_length; + + char *target = dest + dest_length; + memcpy (target, src, to_copy); + target[to_copy] = '\0'; + } + + /* If the sum wraps around, we have more than SIZE_MAX + 2 bytes in + the two input strings (including both null terminators). If each + byte in the address space can be assigned a unique size_t value + (which the static_assert checks), then by the pigeonhole + principle, the two input strings must overlap, which is + undefined. */ + _Static_assert (sizeof (uintptr_t) == sizeof (size_t), + "theoretical maximum object size covers address space"); + return dest_length + src_length; +} +libc_hidden_def (__strlcat) +weak_alias (__strlcat, strlcat) diff --git a/string/strlcpy.c b/string/strlcpy.c new file mode 100644 index 0000000000..7a0df3ebb6 --- /dev/null +++ b/string/strlcpy.c @@ -0,0 +1,46 @@ +/* Copy a null-terminated string to a fixed-size buffer, with length checking. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +size_t +__strlcpy (char *__restrict dest, const char *__restrict src, size_t size) +{ + size_t src_length = strlen (src); + + if (__glibc_unlikely (src_length >= size)) + { + if (size > 0) + { + /* Copy the leading portion of the string. The last + character is subsequently overwritten with the NUL + terminator, but the destination size is usually a + multiple of a small power of two, so writing it twice + should be more efficient than copying an odd number of + bytes. */ + memcpy (dest, src, size); + dest[size - 1] = '\0'; + } + } + else + /* Copy the string and its terminating NUL character. */ + memcpy (dest, src, src_length + 1); + return src_length; +} +libc_hidden_def (__strlcpy) +weak_alias (__strlcpy, strlcpy) diff --git a/string/tst-strlcat.c b/string/tst-strlcat.c new file mode 100644 index 0000000000..f8c716373e --- /dev/null +++ b/string/tst-strlcat.c @@ -0,0 +1,84 @@ +/* Test the strlcat function. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include + +static int +do_test (void) +{ + struct { + char buf1[16]; + char buf2[16]; + } s; + + /* Nothing is written to the destination if its size is 0. */ + memset (&s, '@', sizeof (s)); + TEST_COMPARE (strlcat (s.buf1, "", 0), 0); + TEST_COMPARE_BLOB (&s, sizeof (s), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", 32); + TEST_COMPARE (strlcat (s.buf1, "Hello!", 0), 6); + TEST_COMPARE_BLOB (&s, sizeof (s), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", 32); + + /* No bytes are are modified in the target buffer if the source + string is short enough. */ + memset (&s, '@', sizeof (s)); + strcpy (s.buf1, "He"); + TEST_COMPARE (strlcat (s.buf1, "llo!", sizeof (s.buf1)), 6); + TEST_COMPARE_BLOB (&s, sizeof (s), "Hello!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 32); + + /* A source string which fits exactly into the destination buffer is + not truncated. */ + memset (&s, '@', sizeof (s)); + strcpy (s.buf1, "H"); + TEST_COMPARE (strlcat (s.buf1, "ello, world!!!", sizeof (s.buf1)), 15); + TEST_COMPARE_BLOB (&s, sizeof (s), + "Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 32); + + /* A source string one character longer than the destination buffer + is truncated by one character. The total length is returned. */ + memset (&s, '@', sizeof (s)); + strcpy (s.buf1, "Hello"); + TEST_COMPARE (strlcat (s.buf1, ", world!!!!", sizeof (s.buf1)), 16); + TEST_COMPARE_BLOB (&s, sizeof (s), + "Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 32); + + /* An even longer source string is truncated as well, and the total + length is returned. */ + memset (&s, '@', sizeof (s)); + strcpy (s.buf1, "Hello,"); + TEST_COMPARE (strlcat (s.buf1, " world!!!!!!!!", sizeof (s.buf1)), 20); + TEST_COMPARE_BLOB (&s, sizeof (s), + "Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 32); + + /* A destination string which is not NUL-terminated does not result + in any changes to the buffer. */ + memset (&s, '@', sizeof (s)); + memset (s.buf1, '$', sizeof (s.buf1)); + TEST_COMPARE (strlcat (s.buf1, "", sizeof (s.buf1)), 16); + TEST_COMPARE_BLOB (&s, sizeof (s), "$$$$$$$$$$$$$$$$@@@@@@@@@@@@@@@@", 32); + TEST_COMPARE (strlcat (s.buf1, "Hello!", sizeof (s.buf1)), 22); + TEST_COMPARE_BLOB (&s, sizeof (s), "$$$$$$$$$$$$$$$$@@@@@@@@@@@@@@@@", 32); + TEST_COMPARE (strlcat (s.buf1, "Hello, world!!!!!!!!", sizeof (s.buf1)), 36); + TEST_COMPARE_BLOB (&s, sizeof (s), "$$$$$$$$$$$$$$$$@@@@@@@@@@@@@@@@", 32); + + return 0; +} + +#include diff --git a/string/tst-strlcpy.c b/string/tst-strlcpy.c new file mode 100644 index 0000000000..0063c43f5c --- /dev/null +++ b/string/tst-strlcpy.c @@ -0,0 +1,68 @@ +/* Test the strlcpy function. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include + +static int +do_test (void) +{ + struct { + char buf1[16]; + char buf2[16]; + } s; + + /* Nothing is written to the destination if its size is 0. */ + memset (&s, '@', sizeof (s)); + TEST_COMPARE (strlcpy (s.buf1, "Hello!", 0), 6); + TEST_COMPARE_BLOB (&s, sizeof (s), "@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", 32); + + /* No bytes are are modified in the target buffer if the source + string is short enough. */ + memset (&s, '@', sizeof (s)); + TEST_COMPARE (strlcpy (s.buf1, "Hello!", sizeof (s.buf1)), 6); + TEST_COMPARE_BLOB (&s, sizeof (s), "Hello!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 32); + + /* A source string which fits exactly into the destination buffer is + not truncated. */ + memset (&s, '@', sizeof (s)); + TEST_COMPARE (strlcpy (s.buf1, "Hello, world!!!", sizeof (s.buf1)), 15); + TEST_COMPARE_BLOB (&s, sizeof (s), + "Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 32); + + /* A source string one character longer than the destination buffer + is truncated by one character. The untruncated source length is + returned. */ + memset (&s, '@', sizeof (s)); + TEST_COMPARE (strlcpy (s.buf1, "Hello, world!!!!", sizeof (s.buf1)), 16); + TEST_COMPARE_BLOB (&s, sizeof (s), + "Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 32); + + /* An even longer source string is truncated as well, and the + original length is returned. */ + memset (&s, '@', sizeof (s)); + TEST_COMPARE (strlcpy (s.buf1, "Hello, world!!!!!!!!", sizeof (s.buf1)), 20); + TEST_COMPARE_BLOB (&s, sizeof (s), + "Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 32); + + return 0; +} + +#include diff --git a/sysdeps/mach/hurd/i386/libc.abilist b/sysdeps/mach/hurd/i386/libc.abilist index 6925222ff3..9b4c5f4719 100644 --- a/sysdeps/mach/hurd/i386/libc.abilist +++ b/sysdeps/mach/hurd/i386/libc.abilist @@ -2326,6 +2326,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/aarch64/libc.abilist b/sysdeps/unix/sysv/linux/aarch64/libc.abilist index 0e2d9c3045..cf51b88932 100644 --- a/sysdeps/unix/sysv/linux/aarch64/libc.abilist +++ b/sysdeps/unix/sysv/linux/aarch64/libc.abilist @@ -2665,3 +2665,7 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F diff --git a/sysdeps/unix/sysv/linux/alpha/libc.abilist b/sysdeps/unix/sysv/linux/alpha/libc.abilist index f1bec1978d..4b25f343b8 100644 --- a/sysdeps/unix/sysv/linux/alpha/libc.abilist +++ b/sysdeps/unix/sysv/linux/alpha/libc.abilist @@ -2774,6 +2774,10 @@ GLIBC_2.38 __nldbl___isoc23_vsscanf F GLIBC_2.38 __nldbl___isoc23_vswscanf F GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/arc/libc.abilist b/sysdeps/unix/sysv/linux/arc/libc.abilist index aa874b88d0..5a58cc0477 100644 --- a/sysdeps/unix/sysv/linux/arc/libc.abilist +++ b/sysdeps/unix/sysv/linux/arc/libc.abilist @@ -2426,3 +2426,7 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F diff --git a/sysdeps/unix/sysv/linux/arm/be/libc.abilist b/sysdeps/unix/sysv/linux/arm/be/libc.abilist index afbd57da6f..99ce948c5c 100644 --- a/sysdeps/unix/sysv/linux/arm/be/libc.abilist +++ b/sysdeps/unix/sysv/linux/arm/be/libc.abilist @@ -546,6 +546,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 _Exit F GLIBC_2.4 _IO_2_1_stderr_ D 0xa0 GLIBC_2.4 _IO_2_1_stdin_ D 0xa0 diff --git a/sysdeps/unix/sysv/linux/arm/le/libc.abilist b/sysdeps/unix/sysv/linux/arm/le/libc.abilist index e7364cd3fe..c00bf72ebc 100644 --- a/sysdeps/unix/sysv/linux/arm/le/libc.abilist +++ b/sysdeps/unix/sysv/linux/arm/le/libc.abilist @@ -543,6 +543,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 _Exit F GLIBC_2.4 _IO_2_1_stderr_ D 0xa0 GLIBC_2.4 _IO_2_1_stdin_ D 0xa0 diff --git a/sysdeps/unix/sysv/linux/csky/libc.abilist b/sysdeps/unix/sysv/linux/csky/libc.abilist index 913fa59215..71130f2c6b 100644 --- a/sysdeps/unix/sysv/linux/csky/libc.abilist +++ b/sysdeps/unix/sysv/linux/csky/libc.abilist @@ -2702,3 +2702,7 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F diff --git a/sysdeps/unix/sysv/linux/hppa/libc.abilist b/sysdeps/unix/sysv/linux/hppa/libc.abilist index 43af3a9811..5a651c03df 100644 --- a/sysdeps/unix/sysv/linux/hppa/libc.abilist +++ b/sysdeps/unix/sysv/linux/hppa/libc.abilist @@ -2651,6 +2651,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/i386/libc.abilist b/sysdeps/unix/sysv/linux/i386/libc.abilist index af72f8fab0..12b91ef632 100644 --- a/sysdeps/unix/sysv/linux/i386/libc.abilist +++ b/sysdeps/unix/sysv/linux/i386/libc.abilist @@ -2835,6 +2835,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/ia64/libc.abilist b/sysdeps/unix/sysv/linux/ia64/libc.abilist index 48cbb0fa50..f223c5e08d 100644 --- a/sysdeps/unix/sysv/linux/ia64/libc.abilist +++ b/sysdeps/unix/sysv/linux/ia64/libc.abilist @@ -2600,6 +2600,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist b/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist index c15884bb0b..b91ed6e704 100644 --- a/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist +++ b/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist @@ -2186,3 +2186,7 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F diff --git a/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist b/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist index 3738db81df..0d91d7f1ae 100644 --- a/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist +++ b/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist @@ -547,6 +547,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 _Exit F GLIBC_2.4 _IO_2_1_stderr_ D 0x98 GLIBC_2.4 _IO_2_1_stdin_ D 0x98 diff --git a/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist b/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist index ed13627752..e87b22747a 100644 --- a/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist +++ b/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist @@ -2778,6 +2778,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist b/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist index 8357738621..f7623d6d72 100644 --- a/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist +++ b/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist @@ -2751,3 +2751,7 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F diff --git a/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist b/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist index 58c5da583d..298aa99b42 100644 --- a/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist +++ b/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist @@ -2748,3 +2748,7 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F diff --git a/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist index d3741945cd..f83bdc50cd 100644 --- a/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist +++ b/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist @@ -2743,6 +2743,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist index 5319fdc204..611ece2ac4 100644 --- a/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist +++ b/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist @@ -2741,6 +2741,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist index 1743ea6eb9..0af286fda1 100644 --- a/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist +++ b/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist @@ -2749,6 +2749,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist index 9b1f53c6ac..8285f2196e 100644 --- a/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist +++ b/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist @@ -2651,6 +2651,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/nios2/libc.abilist b/sysdeps/unix/sysv/linux/nios2/libc.abilist index ae1c6ca1b5..c7144d7cd8 100644 --- a/sysdeps/unix/sysv/linux/nios2/libc.abilist +++ b/sysdeps/unix/sysv/linux/nios2/libc.abilist @@ -2790,3 +2790,7 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F diff --git a/sysdeps/unix/sysv/linux/or1k/libc.abilist b/sysdeps/unix/sysv/linux/or1k/libc.abilist index a7c572c947..bb43247795 100644 --- a/sysdeps/unix/sysv/linux/or1k/libc.abilist +++ b/sysdeps/unix/sysv/linux/or1k/libc.abilist @@ -2172,3 +2172,7 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist index 074fa031a7..7cc5660830 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist @@ -2817,6 +2817,10 @@ GLIBC_2.38 __nldbl___isoc23_vsscanf F GLIBC_2.38 __nldbl___isoc23_vswscanf F GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist index dfcb4bd2d5..dd290af782 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist @@ -2850,6 +2850,10 @@ GLIBC_2.38 __nldbl___isoc23_vsscanf F GLIBC_2.38 __nldbl___isoc23_vswscanf F GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist index 63bbccf3f9..f2b001402c 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist @@ -2571,6 +2571,10 @@ GLIBC_2.38 __nldbl___isoc23_vsscanf F GLIBC_2.38 __nldbl___isoc23_vswscanf F GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist index ab85fd61ef..9cc431666e 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist @@ -2885,3 +2885,7 @@ GLIBC_2.38 __nldbl___isoc23_vsscanf F GLIBC_2.38 __nldbl___isoc23_vswscanf F GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F diff --git a/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist b/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist index b716f5c763..b9b725f913 100644 --- a/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist +++ b/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist @@ -2428,3 +2428,7 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F diff --git a/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist b/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist index 774e777b65..e0f4863856 100644 --- a/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist +++ b/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist @@ -2628,3 +2628,7 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F diff --git a/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist b/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist index 8625135c48..8db68fcea7 100644 --- a/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist +++ b/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist @@ -2815,6 +2815,10 @@ GLIBC_2.38 __nldbl___isoc23_vsscanf F GLIBC_2.38 __nldbl___isoc23_vswscanf F GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist b/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist index d00c7eb262..ec9747b7ea 100644 --- a/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist +++ b/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist @@ -2608,6 +2608,10 @@ GLIBC_2.38 __nldbl___isoc23_vsscanf F GLIBC_2.38 __nldbl___isoc23_vswscanf F GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/sh/be/libc.abilist b/sysdeps/unix/sysv/linux/sh/be/libc.abilist index b63037241d..9576b818d8 100644 --- a/sysdeps/unix/sysv/linux/sh/be/libc.abilist +++ b/sysdeps/unix/sysv/linux/sh/be/libc.abilist @@ -2658,6 +2658,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/sh/le/libc.abilist b/sysdeps/unix/sysv/linux/sh/le/libc.abilist index d80055617d..b67b1b2bb5 100644 --- a/sysdeps/unix/sysv/linux/sh/le/libc.abilist +++ b/sysdeps/unix/sysv/linux/sh/le/libc.abilist @@ -2655,6 +2655,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist b/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist index 5be55c11d2..b251fc9c69 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist +++ b/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist @@ -2810,6 +2810,10 @@ GLIBC_2.38 __nldbl___isoc23_vsscanf F GLIBC_2.38 __nldbl___isoc23_vswscanf F GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist b/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist index 475fdaae15..5ef9bbec34 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist +++ b/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist @@ -2623,6 +2623,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist b/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist index 6cfb928bc8..9ad800b62e 100644 --- a/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist +++ b/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist @@ -2574,6 +2574,10 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist b/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist index c735097172..6a3a66c5d4 100644 --- a/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist +++ b/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist @@ -2680,3 +2680,7 @@ GLIBC_2.38 __isoc23_wcstoull F GLIBC_2.38 __isoc23_wcstoull_l F GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F +GLIBC_2.38 __strlcat_chk F +GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 strlcat F +GLIBC_2.38 strlcpy F From patchwork Thu Apr 20 12:28:20 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 68060 X-Patchwork-Delegate: siddhesh@gotplt.org Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 31FC8385701B for ; Thu, 20 Apr 2023 12:29:00 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 31FC8385701B DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1681993740; bh=8n2BZKPgPVKormX2wKwyCZqstPcTUGqN26d97VjXaEg=; h=To:Subject:In-Reply-To:References:Date:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=X2ui9RPlO+p5FzxNLq1Y8KEDOx7q9qwN1Bl9TFe945K2vqLDYHhkdfmiPdy3/B7fR KLdybPK7xVDPqJKX+pQiscbyEJhXr6J0pn21ZLlRA44+Ey4mmOXkiwDXqkIVrPk/lu ImMmAU3hdcAGzJXswfMa1GHc4Yd13527HlbN9K3Q= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTPS id 0CD133858C1F for ; Thu, 20 Apr 2023 12:28:25 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 0CD133858C1F Received: from mimecast-mx02.redhat.com (mx3-rdu2.redhat.com [66.187.233.73]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-660-usj9f1zfP2GzKKkkHi6Ouw-1; Thu, 20 Apr 2023 08:28:23 -0400 X-MC-Unique: usj9f1zfP2GzKKkkHi6Ouw-1 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.rdu2.redhat.com [10.11.54.2]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id 83F271C17424 for ; Thu, 20 Apr 2023 12:28:23 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.2.16.5]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 5BF8B4020BEE for ; Thu, 20 Apr 2023 12:28:22 +0000 (UTC) To: libc-alpha@sourceware.org Subject: [PATCH v2 2/3] Add the wcslcpy, wcslcat functions In-Reply-To: References: X-From-Line: b1f657f157716de519b2b927d9ba214e04cbdca6 Mon Sep 17 00:00:00 2001 Message-Id: Date: Thu, 20 Apr 2023 14:28:20 +0200 User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.2 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-10.9 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Florian Weimer via Libc-alpha From: Florian Weimer Reply-To: Florian Weimer Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" These functions are about to be added to POSIX, under Austin Group issue 986. The fortified versions use byte counters instead of character counts for the compiler-generated size argument. This is expected to result in less generated code for dynamic object sizes because most allocation functions use byte counts, not wide character counts. --- debug/Makefile | 2 + debug/Versions | 2 + debug/tst-fortify.c | 17 ++++ debug/wcslcat_chk.c | 31 +++++++ debug/wcslcpy_chk.c | 31 +++++++ include/wchar.h | 5 + sysdeps/mach/hurd/i386/libc.abilist | 4 + sysdeps/unix/sysv/linux/aarch64/libc.abilist | 4 + sysdeps/unix/sysv/linux/alpha/libc.abilist | 4 + sysdeps/unix/sysv/linux/arc/libc.abilist | 4 + sysdeps/unix/sysv/linux/arm/be/libc.abilist | 4 + sysdeps/unix/sysv/linux/arm/le/libc.abilist | 4 + sysdeps/unix/sysv/linux/csky/libc.abilist | 4 + sysdeps/unix/sysv/linux/hppa/libc.abilist | 4 + sysdeps/unix/sysv/linux/i386/libc.abilist | 4 + sysdeps/unix/sysv/linux/ia64/libc.abilist | 4 + .../sysv/linux/loongarch/lp64/libc.abilist | 4 + .../sysv/linux/m68k/coldfire/libc.abilist | 4 + .../unix/sysv/linux/m68k/m680x0/libc.abilist | 4 + .../sysv/linux/microblaze/be/libc.abilist | 4 + .../sysv/linux/microblaze/le/libc.abilist | 4 + .../sysv/linux/mips/mips32/fpu/libc.abilist | 4 + .../sysv/linux/mips/mips32/nofpu/libc.abilist | 4 + .../sysv/linux/mips/mips64/n32/libc.abilist | 4 + .../sysv/linux/mips/mips64/n64/libc.abilist | 4 + sysdeps/unix/sysv/linux/nios2/libc.abilist | 4 + sysdeps/unix/sysv/linux/or1k/libc.abilist | 4 + .../linux/powerpc/powerpc32/fpu/libc.abilist | 4 + .../powerpc/powerpc32/nofpu/libc.abilist | 4 + .../linux/powerpc/powerpc64/be/libc.abilist | 4 + .../linux/powerpc/powerpc64/le/libc.abilist | 4 + .../unix/sysv/linux/riscv/rv32/libc.abilist | 4 + .../unix/sysv/linux/riscv/rv64/libc.abilist | 4 + .../unix/sysv/linux/s390/s390-32/libc.abilist | 4 + .../unix/sysv/linux/s390/s390-64/libc.abilist | 4 + sysdeps/unix/sysv/linux/sh/be/libc.abilist | 4 + sysdeps/unix/sysv/linux/sh/le/libc.abilist | 4 + .../sysv/linux/sparc/sparc32/libc.abilist | 4 + .../sysv/linux/sparc/sparc64/libc.abilist | 4 + .../unix/sysv/linux/x86_64/64/libc.abilist | 4 + .../unix/sysv/linux/x86_64/x32/libc.abilist | 4 + wcsmbs/Makefile | 4 + wcsmbs/Versions | 2 + wcsmbs/bits/wchar2.h | 37 ++++++++ wcsmbs/tst-wcslcat.c | 93 +++++++++++++++++++ wcsmbs/tst-wcslcpy.c | 78 ++++++++++++++++ wcsmbs/wchar.h | 13 +++ wcsmbs/wcslcat.c | 60 ++++++++++++ wcsmbs/wcslcpy.c | 46 +++++++++ 49 files changed, 561 insertions(+) create mode 100644 debug/wcslcat_chk.c create mode 100644 debug/wcslcpy_chk.c create mode 100644 wcsmbs/tst-wcslcat.c create mode 100644 wcsmbs/tst-wcslcpy.c create mode 100644 wcsmbs/wcslcat.c create mode 100644 wcsmbs/wcslcpy.c diff --git a/debug/Makefile b/debug/Makefile index f5f27f793c..4f018abecf 100644 --- a/debug/Makefile +++ b/debug/Makefile @@ -104,6 +104,8 @@ routines = \ wcrtomb_chk \ wcscat_chk \ wcscpy_chk \ + wcslcat_chk \ + wcslcpy_chk \ wcsncat_chk \ wcsncpy_chk \ wcsnrtombs_chk \ diff --git a/debug/Versions b/debug/Versions index 94dfa5f428..9cf2725992 100644 --- a/debug/Versions +++ b/debug/Versions @@ -61,6 +61,8 @@ libc { GLIBC_2.38 { __strlcat_chk; __strlcpy_chk; + __wcslcat_chk; + __wcslcpy_chk; } GLIBC_PRIVATE { __fortify_fail; diff --git a/debug/tst-fortify.c b/debug/tst-fortify.c index f74a5e04dc..9fe20627ee 100644 --- a/debug/tst-fortify.c +++ b/debug/tst-fortify.c @@ -782,6 +782,18 @@ do_test (void) wcsncpy (wbuf + 9, L"XABCDEFGH", 8); CHK_FAIL_END + CHK_FAIL_START + wcslcpy (wbuf + 7, L"X", 4); + CHK_FAIL_END + + CHK_FAIL_START + wcslcpy (wbuf + 7, L"X", l0 + 4); + CHK_FAIL_END + + CHK_FAIL_START + wcslcpy (wbuf + 9, L"XABCDEFGH", 8); + CHK_FAIL_END + CHK_FAIL_START wcpncpy (wbuf + 9, L"XABCDEFGH", 8); CHK_FAIL_END @@ -804,6 +816,11 @@ do_test (void) wcsncat (wbuf, L"ZYXWV", l0 + 3); CHK_FAIL_END + wmemcpy (wbuf, wstr1 + 4, 7); + CHK_FAIL_START + wcslcat (wbuf, L"ZYXWV", l0 + 11); + CHK_FAIL_END + CHK_FAIL_START wmemcpy (wa.buf1 + 1, L"abcdefghij", 10); CHK_FAIL_END diff --git a/debug/wcslcat_chk.c b/debug/wcslcat_chk.c new file mode 100644 index 0000000000..5d63fba076 --- /dev/null +++ b/debug/wcslcat_chk.c @@ -0,0 +1,31 @@ +/* Fortified version of wcslcat. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +/* Check that the user-supplied size does not exceed the + compiler-determined size, and then forward to wcslcat. */ +size_t +__wcslcat_chk (wchar_t *__restrict s1, const wchar_t *__restrict s2, + size_t n, size_t s1len) +{ + if (__glibc_unlikely (s1len / sizeof (wchar_t) < n)) + __chk_fail (); + + return __wcslcat (s1, s2, n); +} diff --git a/debug/wcslcpy_chk.c b/debug/wcslcpy_chk.c new file mode 100644 index 0000000000..ff7434b59a --- /dev/null +++ b/debug/wcslcpy_chk.c @@ -0,0 +1,31 @@ +/* Fortified version of wcslcpy. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +/* Check that the user-supplied size does not exceed the + compiler-determined size, and then forward to wcslcpy. */ +size_t +__wcslcpy_chk (wchar_t *__restrict s1, const wchar_t *__restrict s2, + size_t n, size_t s1len) +{ + if (__glibc_unlikely (s1len / sizeof (wchar_t) < n)) + __chk_fail (); + + return __wcslcpy (s1, s2, n); +} diff --git a/include/wchar.h b/include/wchar.h index fafe7c8e9b..ff4ae52045 100644 --- a/include/wchar.h +++ b/include/wchar.h @@ -203,6 +203,8 @@ extern size_t __wcslen (const wchar_t *__s) __attribute_pure__; extern size_t __wcsnlen (const wchar_t *__s, size_t __maxlen) __attribute_pure__; extern wchar_t *__wcscat (wchar_t *dest, const wchar_t *src); +extern __typeof (wcslcat) __wcslcat; +libc_hidden_proto (__wcslcat) extern wint_t __btowc (int __c) attribute_hidden; extern int __mbsinit (const __mbstate_t *__ps); extern size_t __mbrtowc (wchar_t *__restrict __pwc, @@ -237,8 +239,11 @@ extern wchar_t *__wcscpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src) attribute_hidden __nonnull ((1, 2)); libc_hidden_proto (__wcscpy) +extern __typeof (wcslcpy) __wcslcpy; +libc_hidden_proto (__wcslcpy) extern wchar_t *__wcsncpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src, size_t __n); + extern wchar_t *__wcpcpy (wchar_t *__dest, const wchar_t *__src); extern wchar_t *__wcpncpy (wchar_t *__dest, const wchar_t *__src, size_t __n); diff --git a/sysdeps/mach/hurd/i386/libc.abilist b/sysdeps/mach/hurd/i386/libc.abilist index 9b4c5f4719..74a9f427b2 100644 --- a/sysdeps/mach/hurd/i386/libc.abilist +++ b/sysdeps/mach/hurd/i386/libc.abilist @@ -2328,8 +2328,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/aarch64/libc.abilist b/sysdeps/unix/sysv/linux/aarch64/libc.abilist index cf51b88932..c49363e70e 100644 --- a/sysdeps/unix/sysv/linux/aarch64/libc.abilist +++ b/sysdeps/unix/sysv/linux/aarch64/libc.abilist @@ -2667,5 +2667,9 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F diff --git a/sysdeps/unix/sysv/linux/alpha/libc.abilist b/sysdeps/unix/sysv/linux/alpha/libc.abilist index 4b25f343b8..d6b1dcaae6 100644 --- a/sysdeps/unix/sysv/linux/alpha/libc.abilist +++ b/sysdeps/unix/sysv/linux/alpha/libc.abilist @@ -2776,8 +2776,12 @@ GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/arc/libc.abilist b/sysdeps/unix/sysv/linux/arc/libc.abilist index 5a58cc0477..dfe0c3f7b6 100644 --- a/sysdeps/unix/sysv/linux/arc/libc.abilist +++ b/sysdeps/unix/sysv/linux/arc/libc.abilist @@ -2428,5 +2428,9 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F diff --git a/sysdeps/unix/sysv/linux/arm/be/libc.abilist b/sysdeps/unix/sysv/linux/arm/be/libc.abilist index 99ce948c5c..6c75e5aa76 100644 --- a/sysdeps/unix/sysv/linux/arm/be/libc.abilist +++ b/sysdeps/unix/sysv/linux/arm/be/libc.abilist @@ -548,8 +548,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 _Exit F GLIBC_2.4 _IO_2_1_stderr_ D 0xa0 GLIBC_2.4 _IO_2_1_stdin_ D 0xa0 diff --git a/sysdeps/unix/sysv/linux/arm/le/libc.abilist b/sysdeps/unix/sysv/linux/arm/le/libc.abilist index c00bf72ebc..03d6f7ae2d 100644 --- a/sysdeps/unix/sysv/linux/arm/le/libc.abilist +++ b/sysdeps/unix/sysv/linux/arm/le/libc.abilist @@ -545,8 +545,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 _Exit F GLIBC_2.4 _IO_2_1_stderr_ D 0xa0 GLIBC_2.4 _IO_2_1_stdin_ D 0xa0 diff --git a/sysdeps/unix/sysv/linux/csky/libc.abilist b/sysdeps/unix/sysv/linux/csky/libc.abilist index 71130f2c6b..d858c108c6 100644 --- a/sysdeps/unix/sysv/linux/csky/libc.abilist +++ b/sysdeps/unix/sysv/linux/csky/libc.abilist @@ -2704,5 +2704,9 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F diff --git a/sysdeps/unix/sysv/linux/hppa/libc.abilist b/sysdeps/unix/sysv/linux/hppa/libc.abilist index 5a651c03df..82a14f8ace 100644 --- a/sysdeps/unix/sysv/linux/hppa/libc.abilist +++ b/sysdeps/unix/sysv/linux/hppa/libc.abilist @@ -2653,8 +2653,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/i386/libc.abilist b/sysdeps/unix/sysv/linux/i386/libc.abilist index 12b91ef632..1950b15d5d 100644 --- a/sysdeps/unix/sysv/linux/i386/libc.abilist +++ b/sysdeps/unix/sysv/linux/i386/libc.abilist @@ -2837,8 +2837,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/ia64/libc.abilist b/sysdeps/unix/sysv/linux/ia64/libc.abilist index f223c5e08d..d0b9cb279b 100644 --- a/sysdeps/unix/sysv/linux/ia64/libc.abilist +++ b/sysdeps/unix/sysv/linux/ia64/libc.abilist @@ -2602,8 +2602,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist b/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist index b91ed6e704..e760a631dd 100644 --- a/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist +++ b/sysdeps/unix/sysv/linux/loongarch/lp64/libc.abilist @@ -2188,5 +2188,9 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F diff --git a/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist b/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist index 0d91d7f1ae..35785a3d5f 100644 --- a/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist +++ b/sysdeps/unix/sysv/linux/m68k/coldfire/libc.abilist @@ -549,8 +549,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 _Exit F GLIBC_2.4 _IO_2_1_stderr_ D 0x98 GLIBC_2.4 _IO_2_1_stdin_ D 0x98 diff --git a/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist b/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist index e87b22747a..4ab2426e0a 100644 --- a/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist +++ b/sysdeps/unix/sysv/linux/m68k/m680x0/libc.abilist @@ -2780,8 +2780,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist b/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist index f7623d6d72..38faa16232 100644 --- a/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist +++ b/sysdeps/unix/sysv/linux/microblaze/be/libc.abilist @@ -2753,5 +2753,9 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F diff --git a/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist b/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist index 298aa99b42..374d658988 100644 --- a/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist +++ b/sysdeps/unix/sysv/linux/microblaze/le/libc.abilist @@ -2750,5 +2750,9 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F diff --git a/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist index f83bdc50cd..fcc5e88e91 100644 --- a/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist +++ b/sysdeps/unix/sysv/linux/mips/mips32/fpu/libc.abilist @@ -2745,8 +2745,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist index 611ece2ac4..01eb96cd93 100644 --- a/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist +++ b/sysdeps/unix/sysv/linux/mips/mips32/nofpu/libc.abilist @@ -2743,8 +2743,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist index 0af286fda1..a2748b7b74 100644 --- a/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist +++ b/sysdeps/unix/sysv/linux/mips/mips64/n32/libc.abilist @@ -2751,8 +2751,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist b/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist index 8285f2196e..0ae7ba499d 100644 --- a/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist +++ b/sysdeps/unix/sysv/linux/mips/mips64/n64/libc.abilist @@ -2653,8 +2653,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/nios2/libc.abilist b/sysdeps/unix/sysv/linux/nios2/libc.abilist index c7144d7cd8..947495a0e2 100644 --- a/sysdeps/unix/sysv/linux/nios2/libc.abilist +++ b/sysdeps/unix/sysv/linux/nios2/libc.abilist @@ -2792,5 +2792,9 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F diff --git a/sysdeps/unix/sysv/linux/or1k/libc.abilist b/sysdeps/unix/sysv/linux/or1k/libc.abilist index bb43247795..115f1039e7 100644 --- a/sysdeps/unix/sysv/linux/or1k/libc.abilist +++ b/sysdeps/unix/sysv/linux/or1k/libc.abilist @@ -2174,5 +2174,9 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist index 7cc5660830..19c4c325b0 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/fpu/libc.abilist @@ -2819,8 +2819,12 @@ GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist index dd290af782..3e043c4044 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc32/nofpu/libc.abilist @@ -2852,8 +2852,12 @@ GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist index f2b001402c..e4f3a766bb 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/be/libc.abilist @@ -2573,8 +2573,12 @@ GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist b/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist index 9cc431666e..dafe1c4a59 100644 --- a/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist +++ b/sysdeps/unix/sysv/linux/powerpc/powerpc64/le/libc.abilist @@ -2887,5 +2887,9 @@ GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F diff --git a/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist b/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist index b9b725f913..b9740a1afc 100644 --- a/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist +++ b/sysdeps/unix/sysv/linux/riscv/rv32/libc.abilist @@ -2430,5 +2430,9 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F diff --git a/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist b/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist index e0f4863856..e3b4656aa2 100644 --- a/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist +++ b/sysdeps/unix/sysv/linux/riscv/rv64/libc.abilist @@ -2630,5 +2630,9 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F diff --git a/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist b/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist index 8db68fcea7..84cb7a50ed 100644 --- a/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist +++ b/sysdeps/unix/sysv/linux/s390/s390-32/libc.abilist @@ -2817,8 +2817,12 @@ GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist b/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist index ec9747b7ea..33df3b1646 100644 --- a/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist +++ b/sysdeps/unix/sysv/linux/s390/s390-64/libc.abilist @@ -2610,8 +2610,12 @@ GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/sh/be/libc.abilist b/sysdeps/unix/sysv/linux/sh/be/libc.abilist index 9576b818d8..94cbccd715 100644 --- a/sysdeps/unix/sysv/linux/sh/be/libc.abilist +++ b/sysdeps/unix/sysv/linux/sh/be/libc.abilist @@ -2660,8 +2660,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/sh/le/libc.abilist b/sysdeps/unix/sysv/linux/sh/le/libc.abilist index b67b1b2bb5..3bb316a787 100644 --- a/sysdeps/unix/sysv/linux/sh/le/libc.abilist +++ b/sysdeps/unix/sysv/linux/sh/le/libc.abilist @@ -2657,8 +2657,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist b/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist index b251fc9c69..6341b491b4 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist +++ b/sysdeps/unix/sysv/linux/sparc/sparc32/libc.abilist @@ -2812,8 +2812,12 @@ GLIBC_2.38 __nldbl___isoc23_vwscanf F GLIBC_2.38 __nldbl___isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 _IO_fprintf F GLIBC_2.4 _IO_printf F GLIBC_2.4 _IO_sprintf F diff --git a/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist b/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist index 5ef9bbec34..8ed1ea2926 100644 --- a/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist +++ b/sysdeps/unix/sysv/linux/sparc/sparc64/libc.abilist @@ -2625,8 +2625,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist b/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist index 9ad800b62e..57cfcc2086 100644 --- a/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist +++ b/sysdeps/unix/sysv/linux/x86_64/64/libc.abilist @@ -2576,8 +2576,12 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F GLIBC_2.4 __confstr_chk F GLIBC_2.4 __fgets_chk F GLIBC_2.4 __fgets_unlocked_chk F diff --git a/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist b/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist index 6a3a66c5d4..3f0a9f6d82 100644 --- a/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist +++ b/sysdeps/unix/sysv/linux/x86_64/x32/libc.abilist @@ -2682,5 +2682,9 @@ GLIBC_2.38 __isoc23_wcstoumax F GLIBC_2.38 __isoc23_wscanf F GLIBC_2.38 __strlcat_chk F GLIBC_2.38 __strlcpy_chk F +GLIBC_2.38 __wcslcat_chk F +GLIBC_2.38 __wcslcpy_chk F GLIBC_2.38 strlcat F GLIBC_2.38 strlcpy F +GLIBC_2.38 wcslcat F +GLIBC_2.38 wcslcpy F diff --git a/wcsmbs/Makefile b/wcsmbs/Makefile index 4aa43252d7..ac03437661 100644 --- a/wcsmbs/Makefile +++ b/wcsmbs/Makefile @@ -66,6 +66,8 @@ routines := \ wcscpy \ wcscspn \ wcsdup \ + wcslcat \ + wcslcpy \ wcslen \ wcsmbsload \ wcsncase \ @@ -146,6 +148,8 @@ tests := \ tst-wchar-h \ tst-wcpncpy \ tst-wcrtomb \ + tst-wcslcat \ + tst-wcslcpy \ tst-wcsnlen \ tst-wcstod-nan-locale \ tst-wcstod-nan-sign \ diff --git a/wcsmbs/Versions b/wcsmbs/Versions index 2d9391348a..7bdfe43b4a 100644 --- a/wcsmbs/Versions +++ b/wcsmbs/Versions @@ -65,5 +65,7 @@ libc { __isoc23_vswscanf; __isoc23_vwscanf; __isoc23_wscanf; + wcslcat; + wcslcpy; } } diff --git a/wcsmbs/bits/wchar2.h b/wcsmbs/bits/wchar2.h index 8b41e6fbd6..02f44ab373 100644 --- a/wcsmbs/bits/wchar2.h +++ b/wcsmbs/bits/wchar2.h @@ -199,6 +199,43 @@ __NTH (wcsncat (wchar_t *__restrict __dest, const wchar_t *__restrict __src, return __wcsncat_alias (__dest, __src, __n); } +#ifdef __USE_MISC +extern size_t __wcslcpy_chk (wchar_t *__dest, const wchar_t *__src, size_t __n, + size_t __destlen) __THROW; +extern size_t __REDIRECT_NTH (__wcslcpy_alias, + (wchar_t *__dest, const wchar_t *__src, + size_t __n), wcslcpy); + +__fortify_function size_t +__NTH (wcslcpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src, + size_t __n)) +{ + if (__glibc_objsize (__dest) != (size_t) -1 + && (!__builtin_constant_p (__n + > __glibc_objsize (__dest) / sizeof (wchar_t)) + || __n > __glibc_objsize (__dest) / sizeof (wchar_t))) + return __wcslcpy_chk (__dest, __src, __n, __glibc_objsize (__dest)); + return __wcslcpy_alias (__dest, __src, __n); +} + +extern size_t __wcslcat_chk (wchar_t *__dest, const wchar_t *__src, size_t __n, + size_t __destlen) __THROW; +extern size_t __REDIRECT_NTH (__wcslcat_alias, + (wchar_t *__dest, const wchar_t *__src, + size_t __n), wcslcat); + +__fortify_function size_t +__NTH (wcslcat (wchar_t *__restrict __dest, const wchar_t *__restrict __src, + size_t __n)) +{ + if (__glibc_objsize (__dest) != (size_t) -1 + && (!__builtin_constant_p (__n > __glibc_objsize (__dest) + / sizeof (wchar_t)) + || __n > __glibc_objsize (__dest) / sizeof (wchar_t))) + return __wcslcat_chk (__dest, __src, __n, __glibc_objsize (__dest)); + return __wcslcat_alias (__dest, __src, __n); +} +#endif /* __USE_MISC */ extern int __REDIRECT_NTH_LDBL (__swprintf_alias, diff --git a/wcsmbs/tst-wcslcat.c b/wcsmbs/tst-wcslcat.c new file mode 100644 index 0000000000..63c3a164b5 --- /dev/null +++ b/wcsmbs/tst-wcslcat.c @@ -0,0 +1,93 @@ +/* Test the wcslcat function. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include +#include + +static int +do_test (void) +{ + struct { + wchar_t buf1[16]; + wchar_t buf2[16]; + } s; + + /* Nothing is written to the destination if its size is 0. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcat (s.buf1, L"", 0), 0); + TEST_COMPARE_BLOB (&s, sizeof (s), L"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + TEST_COMPARE (wcslcat (s.buf1, L"Hello!", 0), 6); + TEST_COMPARE_BLOB (&s, sizeof (s), L"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* No bytes are are modified in the target buffer if the source + string is short enough. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + wcscpy (s.buf1, L"He"); + TEST_COMPARE (wcslcat (s.buf1, L"llo!", array_length (s.buf1)), 6); + TEST_COMPARE_BLOB (&s, sizeof (s), L"Hello!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* A source string which fits exactly into the destination buffer is + not truncated. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + wcscpy (s.buf1, L"H"); + TEST_COMPARE (wcslcat (s.buf1, L"ello, world!!!", array_length (s.buf1)), + 15); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* A source string one character longer than the destination buffer + is truncated by one character. The total length is returned. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + wcscpy (s.buf1, L"Hello"); + TEST_COMPARE (wcslcat (s.buf1, L", world!!!!", array_length (s.buf1)), 16); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* An even longer source string is truncated as well, and the total + length is returned. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + wcscpy (s.buf1, L"Hello,"); + TEST_COMPARE (wcslcat (s.buf1, L" world!!!!!!!!", array_length (s.buf1)), + 20); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* A destination string which is not NUL-terminated does not result + in any changes to the buffer. */ + wmemset (s.buf1, '$', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcat (s.buf1, L"", array_length (s.buf1)), 16); + TEST_COMPARE_BLOB (&s, sizeof (s), L"$$$$$$$$$$$$$$$$@@@@@@@@@@@@@@@@", 128); + TEST_COMPARE (wcslcat (s.buf1, L"Hello!", array_length (s.buf1)), 22); + TEST_COMPARE_BLOB (&s, sizeof (s), L"$$$$$$$$$$$$$$$$@@@@@@@@@@@@@@@@", 128); + TEST_COMPARE (wcslcat (s.buf1, L"Hello, world!!!!!!!!", + array_length (s.buf1)), 36); + TEST_COMPARE_BLOB (&s, sizeof (s), L"$$$$$$$$$$$$$$$$@@@@@@@@@@@@@@@@", 128); + + return 0; +} + +#include diff --git a/wcsmbs/tst-wcslcpy.c b/wcsmbs/tst-wcslcpy.c new file mode 100644 index 0000000000..8eaffbf0c4 --- /dev/null +++ b/wcsmbs/tst-wcslcpy.c @@ -0,0 +1,78 @@ +/* Test the wcslcpy function. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include +#include + +static int +do_test (void) +{ + struct { + wchar_t buf1[16]; + wchar_t buf2[16]; + } s; + + /* Nothing is written to the destination if its size is 0. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcpy (s.buf1, L"Hello!", 0), 6); + TEST_COMPARE_BLOB (&s, sizeof (s), L"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* No bytes are are modified in the target buffer if the source + string is short enough. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcpy (s.buf1, L"Hello!", array_length (s.buf1)), 6); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* A source string which fits exactly into the destination buffer is + not truncated. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcpy (s.buf1, L"Hello, world!!!", array_length (s.buf1)), + 15); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* A source string one character longer than the destination buffer + is truncated by one character. The untruncated source length is + returned. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcpy (s.buf1, L"Hello, world!!!!", array_length (s.buf1)), + 16); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* An even longer source string is truncated as well, and the + original length is returned. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcpy (s.buf1, L"Hello, world!!!!!!!!", + array_length (s.buf1)), 20); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + return 0; +} + +#include diff --git a/wcsmbs/wchar.h b/wcsmbs/wchar.h index acc2eb9ddf..6d15503830 100644 --- a/wcsmbs/wchar.h +++ b/wcsmbs/wchar.h @@ -93,6 +93,19 @@ extern wchar_t *wcsncpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src, size_t __n) __THROW __nonnull ((1, 2)); +#ifdef __USE_MISC +/* Copy at most N - 1 characters from SRC to DEST. */ +extern size_t wcslcpy (wchar_t *__restrict __dest, + const wchar_t *__restrict __src, size_t __n) + __THROW __nonnull ((1, 2)) __attr_access ((__write_only__, 1, 3)); + +/* Append SRC to DEST, possibly with truncation to keep the total size + below N. */ +extern size_t wcslcat (wchar_t *__restrict __dest, + const wchar_t *__restrict __src, size_t __n) + __THROW __nonnull ((1, 2)) __attr_access ((__read_write__, 1, 3)); +#endif + /* Append SRC onto DEST. */ extern wchar_t *wcscat (wchar_t *__restrict __dest, const wchar_t *__restrict __src) diff --git a/wcsmbs/wcslcat.c b/wcsmbs/wcslcat.c new file mode 100644 index 0000000000..3bac6a2aa0 --- /dev/null +++ b/wcsmbs/wcslcat.c @@ -0,0 +1,60 @@ +/* Append a null-terminated wide string to another, with length checking. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include + +size_t +__wcslcat (wchar_t *__restrict dest, const wchar_t *__restrict src, + size_t size) +{ + size_t src_length = __wcslen (src); + + /* Our implementation strlcat supports dest == NULL if size == 0 + (for consistency with snprintf and strlcpy), but wcsnlen does + not, so we have to cover this case explicitly. */ + if (size == 0) + return src_length; + + size_t dest_length = __wcsnlen (dest, size); + if (dest_length != size) + { + /* Copy at most the remaining number of characters in the + destination buffer. Leave for the null terminator. */ + size_t to_copy = size - dest_length - 1; + /* But not more than what is available in the source string. */ + if (to_copy > src_length) + to_copy = src_length; + + wchar_t *target = dest + dest_length; + __wmemcpy (target, src, to_copy); + target[to_copy] = '\0'; + } + + /* If the sum wraps around, we have more than SIZE_MAX + 2 bytes in + the two input strings (including both null terminators). If each + byte in the address space can be assigned a unique size_t value + (which the static_assert checks), then by the pigeonhole + principle, the two input strings must overlap, which is + undefined. */ + _Static_assert (sizeof (uintptr_t) == sizeof (size_t), + "theoretical maximum object size covers address space"); + return dest_length + src_length; +} +libc_hidden_def (__wcslcat) +weak_alias (__wcslcat, wcslcat) diff --git a/wcsmbs/wcslcpy.c b/wcsmbs/wcslcpy.c new file mode 100644 index 0000000000..a1b1f1b43f --- /dev/null +++ b/wcsmbs/wcslcpy.c @@ -0,0 +1,46 @@ +/* Copy a null-terminated wide string to a fixed-size buffer. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +size_t +__wcslcpy (wchar_t *__restrict dest, const wchar_t *__restrict src, size_t size) +{ + size_t src_length = __wcslen (src); + + if (__glibc_unlikely (src_length >= size)) + { + if (size > 0) + { + /* Copy the leading portion of the string. The last + character is subsequently overwritten with the null + terminator, but the destination size is usually a + multiple of a small power of two, so writing it twice + should be more efficient than copying an odd number of + character. */ + __wmemcpy (dest, src, size); + dest[size - 1] = '\0'; + } + } + else + /* Copy the string and its terminating null character. */ + __wmemcpy (dest, src, src_length + 1); + return src_length; +} +libc_hidden_def (__wcslcpy) +weak_alias (__wcslcpy, wcslcpy) From patchwork Thu Apr 20 12:28:25 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 68062 X-Patchwork-Delegate: siddhesh@gotplt.org Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 33D9F3858421 for ; Thu, 20 Apr 2023 12:30:09 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 33D9F3858421 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1681993809; bh=eWsGMtI/RQms8JL+Uwauynmwe1vxDo9ywG7R3spIHMA=; h=To:Subject:In-Reply-To:References:Date:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=vSPtRFMLkjsYVZh8iWzIOxgn5kRZVMdiITfonfUhlPPXteCRdOZB5lneMLMaEXRgl zQfZYrDqCENbpjIFnrZ6O85GB1RN294pj3jSz5uCotTSsITdJkDJPxGQpTU4WXRL49 EWBmX0J+cq3qI+8UQDXk3I2AI/CAM44vsHCqaJx4= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by sourceware.org (Postfix) with ESMTPS id C9DBD385770F for ; Thu, 20 Apr 2023 12:28:28 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org C9DBD385770F Received: from mimecast-mx02.redhat.com (mimecast-mx02.redhat.com [66.187.233.88]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id us-mta-367-m0vEUyS4M_C1Pz2vnw1aGw-1; Thu, 20 Apr 2023 08:28:27 -0400 X-MC-Unique: m0vEUyS4M_C1Pz2vnw1aGw-1 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.rdu2.redhat.com [10.11.54.5]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx02.redhat.com (Postfix) with ESMTPS id F3F98185A78B for ; Thu, 20 Apr 2023 12:28:26 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.2.16.5]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 3FADB440BC for ; Thu, 20 Apr 2023 12:28:26 +0000 (UTC) To: libc-alpha@sourceware.org Subject: [PATCH v2 3/3] manual: Manual update for strlcat, strlcpy, wcslcat, wclscpy In-Reply-To: References: X-From-Line: f39fcf3e4b98dd53f27a2d196038c73e91148cd4 Mon Sep 17 00:00:00 2001 Message-Id: Date: Thu, 20 Apr 2023 14:28:25 +0200 User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.1 on 10.11.54.5 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-10.5 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_NONE, SPF_NONE, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Florian Weimer via Libc-alpha From: Florian Weimer Reply-To: Florian Weimer Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" From: Paul Eggert Co-authored-by: Florian Weimer Reviewed-by: Siddhesh Poyarekar --- manual/maint.texi | 8 ++++ manual/string.texi | 96 ++++++++++++++++++++++++++++++++++++++++++++-- 2 files changed, 101 insertions(+), 3 deletions(-) diff --git a/manual/maint.texi b/manual/maint.texi index a8441e20b6..89da704f45 100644 --- a/manual/maint.texi +++ b/manual/maint.texi @@ -371,6 +371,10 @@ The following functions and macros are fortified in @theglibc{}: @item @code{strcpy} +@item @code{strlcat} + +@item @code{strlcpy} + @item @code{strncat} @item @code{strncpy} @@ -411,6 +415,10 @@ The following functions and macros are fortified in @theglibc{}: @item @code{wcscpy} +@item @code{wcslcat} + +@item @code{wcslcpy} + @item @code{wcsncat} @item @code{wcsncpy} diff --git a/manual/string.texi b/manual/string.texi index ad57265274..4149d54ee7 100644 --- a/manual/string.texi +++ b/manual/string.texi @@ -726,8 +726,8 @@ This function has undefined results if the strings overlap. As noted below, this function has significant performance issues. @end deftypefun -Programmers using the @code{strcat} or @code{wcscat} function (or the -@code{strncat} or @code{wcsncat} functions defined in +Programmers using the @code{strcat} or @code{wcscat} functions (or the +@code{strlcat}, @code{strncat} and @code{wcsncat} functions defined in a later section, for that matter) can easily be recognized as lazy and reckless. In almost all situations the lengths of the participating strings are known (it better should be @@ -848,7 +848,8 @@ function. The example would work for wide characters the same way. Whenever a programmer feels the need to use @code{strcat} she or he should think twice and look through the program to see whether the code cannot be rewritten to take advantage of already calculated results. -The related functions @code{strncat} and @code{wcscat} +The related functions @code{strlcat}, @code{strncat}, +@code{wcscat} and @code{wcsncat} are almost always unnecessary, too. Again: it is almost always unnecessary to use functions like @code{strcat}. @@ -1076,6 +1077,95 @@ processing strings. Also, this function has significant performance issues. @xref{Concatenating Strings}. @end deftypefun +@deftypefun size_t strlcpy (char *restrict @var{to}, const char *restrict @var{from}, size_t @var{size}) +@standards{BSD, string.h} +@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} +This function copies the string @var{from} to the destination array +@var{to}, limiting the result's size (including the null terminator) +to @var{size}. The caller should ensure that @var{size} includes room +for the result's terminating null byte. + +If @var{size} is greater than the length of the string @var{from}, +this function copies the non-null bytes of the string +@var{from} to the destination array @var{to}, +and terminates the copy with a null byte. Like other +string functions such as @code{strcpy}, but unlike @code{strncpy}, any +remaining bytes in the destination array remain unchanged. + +If @var{size} is nonzero and less than or equal to the the length of the string +@var{from}, this function copies only the first @samp{@var{size} - 1} +bytes to the destination array @var{to}, and writes a terminating null +byte to the last byte of the array. + +This function returns the length of the string @var{from}. This means +that truncation occurs if and only if the returned value is greater +than or equal to @var{size}. + +The behavior is undefined if @var{to} or @var{from} is a null pointer, +or if the destination array's size is less than @var{size}, or if the +string @var{from} overlaps the first @var{size} bytes of the +destination array. + +As noted below, this function is generally a poor choice for +processing strings. Also, this function has a performance issue, +as its time cost is proportional to the length of @var{from} +even when @var{size} is small. + +This function is derived from OpenBSD 2.4. +@end deftypefun + +@deftypefun size_t wcslcpy (wchar_t *restrict @var{to}, const wchar_t *restrict @var{from}, size_t @var{size}) +@standards{BSD, string.h} +@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} +This function is a variant of @code{strlcpy} for wide strings. +The @var{size} argument counts the length of the destination buffer in +wide characters (and not bytes). + +This function is derived from BSD. +@end deftypefun + +@deftypefun size_t strlcat (char *restrict @var{to}, const char *restrict @var{from}, size_t @var{size}) +@standards{BSD, string.h} +@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} +This function appends the string @var{from} to the +string @var{to}, limiting the result's total size (including the null +terminator) to @var{size}. The caller should ensure that @var{size} +includes room for the result's terminating null byte. + +This function copies as much as possible of the string @var{from} into +the array at @var{to} of @var{size} bytes, starting at the terminating +null byte of the original string @var{to}. In effect, this appends +the string @var{from} to the string @var{to}. Although the resulting +string will contain a null terminator, it can be truncated (not all +bytes in @var{from} may be copied). + +This function returns the sum of the original length of @var{to} and +the length of @var{from}. This means that truncation occurs if and +only if the returned value is greater than or equal to @var{size}. + +The behavior is undefined if @var{to} or @var{from} is a null pointer, +or if the destination array's size is less than @var{size}, or if the +destination array does not contain a null byte in its first @var{size} +bytes, or if the string @var{from} overlaps the first @var{size} bytes +of the destination array. + +As noted below, this function is generally a poor choice for +processing strings. Also, this function has significant performance +issues. @xref{Concatenating Strings}. + +This function is derived from OpenBSD 2.4. +@end deftypefun + +@deftypefun size_t wcslcat (wchar_t *restrict @var{to}, const wchar_t *restrict @var{from}, size_t @var{size}) +@standards{BSD, string.h} +@safety{@prelim{}@mtsafe{}@assafe{}@acsafe{}} +This function is a variant of @code{strlcat} for wide strings. +The @var{size} argument counts the length of the destination buffer in +wide characters (and not bytes). + +This function is derived from BSD. +@end deftypefun + Because these functions can abruptly truncate strings or wide strings, they are generally poor choices for processing them. When copying or concatening multibyte strings, they can truncate within a multibyte