lib/strlcat.c

   1 /* Append a null-terminated string to another string, with length checking.
   2    Copyright (C) 2016 Free Software Foundation, Inc.
   3    This file is part of the GNU C Library.
   4
   5    The GNU C Library is free software; you can redistribute it and/or
   6    modify it under the terms of the GNU Lesser General Public
   7    License as published by the Free Software Foundation; either
   8    version 2.1 of the License, or (at your option) any later version.
   9
  10    The GNU C Library is distributed in the hope that it will be useful,
  11    but WITHOUT ANY WARRANTY; without even the implied warranty of
  12    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13    Lesser General Public License for more details.
  14
  15    You should have received a copy of the GNU Lesser General Public
  16    License along with the GNU C Library; if not, see
  17    <http://www.gnu.org/licenses/>.  */
  18
  19 /* adapted for Quagga from glibc patch submission originally from
  20  * Florian Weimer <fweimer@redhat.com>, 2016-05-18 */
  21
  22 #include <stdint.h>
  23 #include <string.h>
  24
  25 #include "config.h"
  26
  27 #ifndef HAVE_STRLCAT
  28 #undef strlcat
  29
  30 size_t strlcat(char *__restrict dest, const char *__restrict src, size_t size);
  31
  32 size_t strlcat(char *__restrict dest, const char *__restrict src, size_t size)
  33 {
  34         size_t src_length = strlen(src);
  35
  36         /* Our implementation strlcat supports dest == NULL if size == 0
  37            (for consistency with snprintf and strlcpy), but strnlen does
  38            not, so we have to cover this case explicitly.  */
  39         if (size == 0)
  40                 return src_length;
  41
  42         size_t dest_length = strnlen(dest, size);
  43         if (dest_length != size) {
  44                 /* Copy at most the remaining number of characters in the
  45                    destination buffer.  Leave for the NUL terminator.  */
  46                 size_t to_copy = size - dest_length - 1;
  47                 /* But not more than what is available in the source string.  */
  48                 if (to_copy > src_length)
  49                         to_copy = src_length;
  50
  51                 char *target = dest + dest_length;
  52                 memcpy(target, src, to_copy);
  53                 target[to_copy] = '\0';
  54         }
  55
  56 /* If the sum wraps around, we have more than SIZE_MAX + 2 bytes in
  57    the two input strings (including both null terminators).  If each
  58    byte in the address space can be assigned a unique size_t value
  59    (which the static_assert checks), then by the pigeonhole
  60    principle, the two input strings must overlap, which is
  61    undefined.  */
  62 #if __STDC_VERSION__ >= 201112L
  63         _Static_assert(sizeof(uintptr_t) == sizeof(size_t),
  64                        "theoretical maximum object size covers address space");
  65 #endif
  66         return dest_length + src_length;
  67 }
  68 #endif /* HAVE_STRLCAT */