Introduce osmo_strlcpy() function so we can stop using strncpy()

I'm aware of the existing criticism on stlrcpy(), but I think it is still better than what we have now: stnrcpy(), sometimes with Coverity warnings and sometimes with a manual setting of the termination byte. The implementation follows the linux kernel strlcpy() which is claimed to be BSD compatible. We could of course link against libbsd on Linux instead, but I think it's reasonably small and simple to provide our own implementation. Future versions of libosmocore could use some autoconf magic and preprocessor macros to use the system-provided strlcpy() if it exists. Change-Id: Ifdc99b0e3b8631f1e771e58acaf9efb00a9cd493
2016-11-26 10:41:40 +01:00 · 2016-11-26 10:41:40 +01:00 · aeecc48c45
parent 1fa78567e4
commit aeecc48c45
2 changed files with 24 additions and 0 deletions
--- a/include/osmocom/core/utils.h
+++ b/include/osmocom/core/utils.h
@ -82,4 +82,6 @@ int osmo_constant_time_cmp(const uint8_t *exp, const uint8_t *rel, const int cou
 uint64_t osmo_decode_big_endian(const uint8_t *data, size_t data_len);
 uint8_t *osmo_encode_big_endian(uint64_t value, size_t data_len);

+size_t osmo_strlcpy(char *dst, const char *src, size_t siz);
+
 /*! @} */
--- a/src/utils.c
+++ b/src/utils.c
@ -339,3 +339,25 @@ uint8_t *osmo_encode_big_endian(uint64_t value, size_t data_len)
 	return buf;
 }
 /*! @} */
+
+/*! \brief Copy a C-string into a sized buffer
+ *  \param[in] src source string
+ *  \param[out] dst destination string
+ *  \param[in] siz size of the \a dst string
+ *  \returns length of source string
+ *
+ *  Copies up to \a siz characters from \a src to \a dst, but ensures
+ *  that the last character of \a dst is always a NUL character.  May
+ *  truncate \a src to do achieve this.
+ */
+size_t osmo_strlcpy(char *dst, const char *src, size_t siz)
+{
+	size_t ret = strlen(src);
+
+	if (siz) {
+		size_t len = (ret >= siz) ? siz - 1 : ret;
+		memcpy(dst, src, len);
+		dst[len] = '\0';
+	}
+	return ret;
+}