On 31/7/20 3:52 am, Sebastian Huber wrote: > On 30/07/2020 18:05, Gedare Bloom wrote: > >> On Thu, Jul 30, 2020 at 9:55 AM Sebastian Huber >> <sebastian.hu...@embedded-brains.de> wrote: >>> On 30/07/2020 17:53, Gedare Bloom wrote: >>> >>>> On Thu, Jul 30, 2020 at 9:44 AM Sebastian Huber >>>> <sebastian.hu...@embedded-brains.de> wrote: >>>>> On 30/07/2020 13:36, Aschref Ben-Thabet wrote: >>>>> >>>>>> diff --git a/testsuites/psxtests/psxndbm01/init.c >>>>>> b/testsuites/psxtests/psxndbm01/init.c >>>>>> index a13afa7315..b524aff0df 100644 >>>>>> --- a/testsuites/psxtests/psxndbm01/init.c >>>>>> +++ b/testsuites/psxtests/psxndbm01/init.c >>>>>> @@ -218,7 +218,7 @@ rtems_task Init(rtems_task_argument ignored) >>>>>> >>>>>> puts( "Fetch non-existing record and confirm error." ); >>>>>> test_strings = (char*)malloc(6); >>>>>> - strncpy( test_strings, "Hello", 5 ); >>>>>> + memcpy( test_strings, "Hello", 5 ); >>>>>> >>>>>> test_strings[5] = '\0'; >>>>> In the glibc devel list this approach was suggested for problems like >>>>> this: >>>>> >>>>> *(char *) mempcpy( test_strings, "Hello", 5 ) = '\0'; >>>>> >>>>> https://sourceware.org/legacy-ml/libc-alpha/2000-08/msg00061.html >>>>> >>>> This code is suspect/wrong. that should create a NUL at the start of >>>> the test_strings. I'd rather see the memcpy followed by appending the >>>> NUL. It is easy enough to understand I think. >>> Yes, this was also my impression then I did read this code snippet. >>> Please note that this is memPcpy(), a GNU extension. >> thanks, I had missed that. >> >> I don't think there is an easy generalized way to do the delimiting >> with the standard memcpy. You could do it in one line, if we really >> wanted something like: >> >> ((char *) memcpy (test_strings, "Hello", 5 ))[5] = '\0'; >> >> We could even create a little helper to do it if it is a common pattern. > > The mempcpy() is also available in Newlib. > > The only thing I know is that strncpy() is a useless function. With the new > GCC > warnings it is nearly impossible to use correctly. This function is an > historic > accident.
It is still about, consider this article ... https://www.cprogramming.com/tutorial/secure.html I selected it at random from a list google present when I asked about secure programming and strncpy. > There are several ways to fix the warnings and I think there is no clear > direction. We basically have the option to use the OpenBSD invented strlcpy() > and strlcat() functions or some sort of memcpy() and mempcpy(). I think the > OpenBSD philosophy is that if you put something in the strl*() and then at > least > a C-string is created. This may help to contain software bugs a bit and hinder > error propagation. Yeap. The glibc developer philosophy is probably that they only > care about correct code and if you make mistakes that you can go to hell. Hmm. Chris _______________________________________________ devel mailing list devel@rtems.org http://lists.rtems.org/mailman/listinfo/devel
