lib/strlcat.c

   1 /* Append a null-terminated string to another string, with length checking.
   2  * Copyright (C) 2016 Free Software Foundation, Inc.
   3  * This file is part of the GNU C Library.
   4  *
   5  * The GNU C Library is free software; you can redistribute it and/or
   6  * modify it under the terms of the GNU Lesser General Public
   7  * License as published by the Free Software Foundation; either
   8  * version 2.1 of the License, or (at your option) any later version.
   9  *
  10  * The GNU C Library is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13  * Lesser General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU Lesser General Public
  16  * License along with the GNU C Library; if not, see
  17  * <http://www.gnu.org/licenses/>.
  18  */
  19
  20 /* adapted for Quagga from glibc patch submission originally from
  21  * Florian Weimer <fweimer@redhat.com>, 2016-05-18 */
  22
  23 #ifdef HAVE_CONFIG_H
  24 #include "config.h"
  25 #endif
  26
  27 #include <stdint.h>
  28 #include <string.h>
  29
  30 #ifndef HAVE_STRLCAT
  31 #undef strlcat
  32
  33 size_t strlcat(char *__restrict dest,
  34                const char *__restrict src, size_t destsize);
  35
  36 size_t strlcat(char *__restrict dest,
  37                const char *__restrict src, size_t destsize)
  38 {
  39         size_t src_length = strlen(src);
  40
  41         /* Our implementation strlcat supports dest == NULL if size == 0
  42            (for consistency with snprintf and strlcpy), but strnlen does
  43            not, so we have to cover this case explicitly.  */
  44         if (destsize == 0)
  45                 return src_length;
  46
  47         size_t dest_length = strnlen(dest, destsize);
  48         if (dest_length != destsize) {
  49                 /* Copy at most the remaining number of characters in the
  50                    destination buffer.  Leave for the NUL terminator.  */
  51                 size_t to_copy = destsize - dest_length - 1;
  52                 /* But not more than what is available in the source string.  */
  53                 if (to_copy > src_length)
  54                         to_copy = src_length;
  55
  56                 char *target = dest + dest_length;
  57                 memcpy(target, src, to_copy);
  58                 target[to_copy] = '\0';
  59         }
  60
  61 /* If the sum wraps around, we have more than SIZE_MAX + 2 bytes in
  62    the two input strings (including both null terminators).  If each
  63    byte in the address space can be assigned a unique size_t value
  64    (which the static_assert checks), then by the pigeonhole
  65    principle, the two input strings must overlap, which is
  66    undefined.  */
  67         _Static_assert(sizeof(uintptr_t) == sizeof(size_t),
  68                        "theoretical maximum object size covers address space");
  69         return dest_length + src_length;
  70 }
  71 #endif /* HAVE_STRLCAT */