lib/strlcat.c

   1 /* Append a null-terminated string to another string, with length checking.
   2  * Copyright (C) 2016 Free Software Foundation, Inc.
   3  * This file is part of the GNU C Library.
   4  *
   5  * The GNU C Library is free software; you can redistribute it and/or
   6  * modify it under the terms of the GNU Lesser General Public
   7  * License as published by the Free Software Foundation; either
   8  * version 2.1 of the License, or (at your option) any later version.
   9  *
  10  * The GNU C Library is distributed in the hope that it will be useful,
  11  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  12  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13  * Lesser General Public License for more details.
  14  *
  15  * You should have received a copy of the GNU Lesser General Public
  16  * License along with the GNU C Library; if not, see
  17  * <http://www.gnu.org/licenses/>.
  18  */
  19
  20 /* adapted for Quagga from glibc patch submission originally from
  21  * Florian Weimer <fweimer@redhat.com>, 2016-05-18 */
  22
  23 #include <stdint.h>
  24 #include <string.h>
  25
  26 #include "config.h"
  27
  28 #ifndef HAVE_STRLCAT
  29 #undef strlcat
  30
  31 size_t
  32 strlcat (char *__restrict dest, const char *__restrict src, size_t size);
  33
  34 size_t
  35 strlcat (char *__restrict dest, const char *__restrict src, size_t size)
  36 {
  37   size_t src_length = strlen (src);
  38
  39   /* Our implementation strlcat supports dest == NULL if size == 0
  40      (for consistency with snprintf and strlcpy), but strnlen does
  41      not, so we have to cover this case explicitly.  */
  42   if (size == 0)
  43     return src_length;
  44
  45   size_t dest_length = strnlen (dest, size);
  46   if (dest_length != size)
  47     {
  48       /* Copy at most the remaining number of characters in the
  49          destination buffer.  Leave for the NUL terminator.  */
  50       size_t to_copy = size - dest_length - 1;
  51       /* But not more than what is available in the source string.  */
  52       if (to_copy > src_length)
  53         to_copy = src_length;
  54
  55       char *target = dest + dest_length;
  56       memcpy (target, src, to_copy);
  57       target[to_copy] = '\0';
  58     }
  59
  60   /* If the sum wraps around, we have more than SIZE_MAX + 2 bytes in
  61      the two input strings (including both null terminators).  If each
  62      byte in the address space can be assigned a unique size_t value
  63      (which the static_assert checks), then by the pigeonhole
  64      principle, the two input strings must overlap, which is
  65      undefined.  */
  66 #if __STDC_VERSION__ >= 201112L
  67   _Static_assert (sizeof (uintptr_t) == sizeof (size_t),
  68                   "theoretical maximum object size covers address space");
  69 #endif
  70   return dest_length + src_length;
  71 }
  72 #endif /* HAVE_STRLCAT */