• Chris Metcalf's avatar
    tile gxio: use better string copy primitive · bceb7efa
    Chris Metcalf authored
    Both strncpy and strlcpy suffer from the fact that they do
    partial copies of strings into the destination when the target
    buffer is too small.  This is frequently pointless since an
    overflow of the target buffer may make the result invalid.
    
    strncpy() makes it relatively hard to even detect the error
    condition, and with strlcpy() you have to duplicate the buffer
    size parameter to test to see if the result exceeds it.
    By returning zero in the failure case, we both make testing
    for it easy, and by simply not copying anything in that case,
    we make it mandatory for callers to test the error code.
    
    To catch lazy programmers who don't check, we also place a NUL at
    the start of the destination buffer (if there is space) to
    ensure that the result is an invalid string.
    
    At some point it may make sense to promote strscpy() to
    a global platform-independent function, but other than the
    reviewers, no one was interested on LKML, so for now leave
    the strscpy() function as file-static.
    Reviewed-by: default avatarRandy Dunlap <rdunlap@infradead.org>
    Reviewed-by: default avatarRickard Strandqvist <rickard_strandqvist@spectrumdigital.se>
    Signed-off-by: default avatarChris Metcalf <cmetcalf@tilera.com>
    bceb7efa
mpipe.c 14.6 KB