Re: strscpy

To: Maxime Villard <max%m00nbsd.net@localhost>
Subject: Re: strscpy
From: Taylor R Campbell <campbell+netbsd-tech-security%mumble.net@localhost>
Date: Fri, 29 May 2020 19:34:33 +0000

> Date: Fri, 29 May 2020 20:22:34 +0200
> From: Maxime Villard <max%m00nbsd.net@localhost>
> 
> I have updated my patch:
> 
> 	https://m00nbsd.net/garbage/libkern/strscpy.diff
> 
> We simply return -1. Will commit soon unless there is valid objection.

We shouldn't use the same name if we're implementing different
semantics.

Do we actually need it to return the length?

There are over 5000 strlcpy calls in tree.  At most 250 of them (many
of these false positives) use the return value at all.

I searched through the cases that might use the return value to find
how any of them use it.  Every case I found, except for the definition
of strlcat and a libevent regression test for strlcpy itself, uses the
return value at most to detect truncation and for no other purpose.
(sockaddr_format returns whatever strlcpy returns, but nothing uses
its return value.)

Let's just make it return zero for success and -1 for failure --
failure meaning: it was truncated before a NUL byte in the source.

Follow-Ups:
- Re: strscpy
  - From: Robert Elz
- Re: strscpy
  - From: Maxime Villard

References:
- Re: strscpy
  - From: Maxime Villard

Prev by Date: Re: strscpy
Next by Date: Re: strscpy
Previous by Thread: Re: strscpy
Next by Thread: Re: strscpy
Indexes:

Home | Main Index | Thread Index | Old Index