[PATCH] openbsc[master]: add strncpy0.h for safe/convenient strncpy() wrappers

Neels Hofmeyr gerrit-no-reply at lists.osmocom.org
Fri Jan 13 02:15:23 UTC 2017


Review at  https://gerrit.osmocom.org/1588

add strncpy0.h for safe/convenient strncpy() wrappers

strncpy() is easily invoked in an unsafe way:

  strncpy(dest, src, sizeof(dest));

A safe way that ensures the terminating NUL:

  strncpy(dest, src, sizeof(dest) - 1);
  dest[sizeof(dest) - 1] = '\0';

A variant would be

  inst = talloc_zero(...);
  strncpy(inst->dest, src, sizeof(inst->dest) - 1);
  /* last byte is already zero */

One could argue that zero initialization is different from '\0' -- merely a
theoretical difference.

Provide strncpy0() as a safe wrapper for strncpy(), and provide a convenience
macro strncpy0s() to also imply the sizeof(dest). Consistent use of these
ensures that strncpy() is always invoked safely.

Change-Id: I505d58a02fe46d492087a3dcbff59e287521d5ad
---
M openbsc/include/openbsc/Makefile.am
A openbsc/include/openbsc/strncpy0.h
2 files changed, 35 insertions(+), 0 deletions(-)


  git pull ssh://gerrit.osmocom.org:29418/openbsc refs/changes/88/1588/1

diff --git a/openbsc/include/openbsc/Makefile.am b/openbsc/include/openbsc/Makefile.am
index 2466ce8..e83b40e 100644
--- a/openbsc/include/openbsc/Makefile.am
+++ b/openbsc/include/openbsc/Makefile.am
@@ -74,6 +74,7 @@
 	smpp.h \
 	sms_queue.h \
 	socket.h \
+	strncpy0.h \
 	system_information.h \
 	token_auth.h \
 	transaction.h \
diff --git a/openbsc/include/openbsc/strncpy0.h b/openbsc/include/openbsc/strncpy0.h
new file mode 100644
index 0000000..4f4ab15
--- /dev/null
+++ b/openbsc/include/openbsc/strncpy0.h
@@ -0,0 +1,34 @@
+/* Safety wrapper around strncpy() to ensure a terminating NUL byte. */
+
+/* (C) 2016 by sysmocom s.f.m.c. GmbH <info at sysmocom.de>
+ * All Rights Reserved
+ *
+ * Author: Neels Hofmeyr
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU Affero General Public License as published by
+ * the Free Software Foundation; either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ * GNU Affero General Public License for more details.
+ *
+ * You should have received a copy of the GNU Affero General Public License
+ * along with this program.  If not, see <http://www.gnu.org/licenses/>.
+ */
+
+#pragma once
+
+#include <string.h>
+
+#define strncpy0s(dest, src) \
+	strncpy0(dest, src, sizeof(dest))
+
+static inline char *strncpy0(char *dest, const char *src, size_t n)
+{
+	char *res = strncpy(dest, src, n - 1);
+	dest[n - 1] = '\0';
+	return res;
+}
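Review bot: strncpy0() does not handle n == 0. In `strncpy(dest, src, n - 1)` the size_t subtraction wraps to SIZE_MAX, so the copy is no longer bounded by the destination, and `dest[n - 1] = '\0'` then writes far outside the buffer. Return early (or assert) when n is 0, before either line runs. Separately, strncpy0s() relies on `sizeof(dest)`, which is the buffer size only when dest is a true array. If a caller passes a char pointer, the macro silently uses the pointer size as the length instead. Please document the array-only requirement next to the macro, or add a compile-time array check so that misuse fails to build.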

-- 
To view, visit https://gerrit.osmocom.org/1588

Gerrit-MessageType: newchange
Gerrit-Change-Id: I505d58a02fe46d492087a3dcbff59e287521d5ad
Gerrit-PatchSet: 1
Gerrit-Project: openbsc
Gerrit-Branch: master
Gerrit-Owner: Neels Hofmeyr <nhofmeyr at sysmocom.de>

