Daniel Veillard wrote: > On Tue, Sep 22, 2009 at 02:23:26PM +0200, Chris Lalancette wrote: >> Add the virStrncpy function, which takes a dst string, source string, >> the number of bytes to copy and the number of bytes available in the >> dest string. If the source string is too large to fit into the >> destination string, including the \0 byte, then no data is copied and >> the function returns NULL. Otherwise, this function copies n bytes >> from source into dst, including the \0, and returns a pointer to the >> dst string. This function is intended to replace all unsafe uses >> of strncpy in the code base, since strncpy does *not* guarantee that >> the buffer terminates with a \0. > [...] >> diff --git a/src/util/util.h b/src/util/util.h >> index f9715ab..2489f63 100644 >> --- a/src/util/util.h >> +++ b/src/util/util.h >> @@ -164,6 +164,10 @@ void virSkipSpaces(const char **str); >> int virParseNumber(const char **str); >> int virAsprintf(char **strp, const char *fmt, ...) >> ATTRIBUTE_FMT_PRINTF(2, 3); >> +char *virStrncpy(char *dest, const char *src, size_t n, size_t destbytes) >> + ATTRIBUTE_RETURN_CHECK; >> +#define virStrcpy(dest, src, destbytes) virStrncpy(dest, src, strlen(src), destbytes) >> +#define virStrcpyStatic(dest, src) virStrncpy(dest, src, strlen(src), sizeof(dest)) >> >> #define VIR_MAC_BUFLEN 6 >> #define VIR_MAC_PREFIX_BUFLEN 3 > > I would just feel beter if we kept virStrcpy and virStrcpyStatic real > functions. I prefer my macros names all uppercase and it's not like we > will gain much using macros. Actually the compiler (if gcc) probably > optimize much of this out, and the fact we are using a wrapper will > mostly kill those. The point is cleaning things up, not optimizing :) > > ACK but I would feel a bit better with purely function entry points > ... that can still be done later as a tiny patch Unfortunately that's not possible in the case of virStrcpyStatic(). Because virStrcpyStatic() does a sizeof(dest), you have to have the original char foo[123], not a char *, to get something meaningful. That means that it has to either be a macro or not exist at all. (I could be convinced of the latter, but I found it convenient when converting a number of these locations) I could make virStrcpy a small function, though. -- Chris Lalancette -- Libvir-list mailing list Libvir-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/libvir-list