Commit Graph

5 Commits

Author SHA1 Message Date
Alejandro Colomar ce4c4d4ad5 lib/string/sprintf.h: Add SNPRINTF() macro
It wraps snprintf(3) so that it performs some steps that one might
forget, or might be prone to accidents:

-  It calculates the size of the destination buffer, and makes sure it's
   an array (otherwise, using sizeof(s) would be very bad).

-  It calculates if there's truncation or an error, returning -1 if so.

BTW, this macro doesn't have any issues of double evaluation, because
sizeof() doesn't evaluate its argument (unless it's a VLA, but then the
static_assert(3) within NITEMS() makes sure VLAs are not allowed).

This macro is very similar to STRTCPY(), defined in
<lib/string/strtcpy.h>.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
2023-12-15 16:41:47 +01:00
Alejandro Colomar 93a5c47c2c lib/: Use ATTR_STRING() on stpecpy() and strtcpy()
These functions consume a source string.  Document that.  There's no way
to mark that they also produce a string in dst, though.  That will be up
to the static analyzer to guess.

Signed-off-by: Alejandro Colomar <alx@kernel.org>
2023-12-04 12:22:47 +01:00
Alejandro Colomar ad1e0e9f96 lib/string/strtcpy.h: Don't use a ternary op, to silence a -Wsign-compare warning
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2023-12-04 11:45:09 +01:00
Alejandro Colomar fc8389331e lib/string/: Fortify source of strtcpy(), stpecpy(), and zustr2stp()
By writing the terminating null byte via stpcpy(3), we take advantage of
_FORTIFY_SOURCE for the last byte, which was unprotected before this
commit.

Reported-by: Serge Hallyn <serge@hallyn.com>
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2023-12-03 22:24:29 -06:00
Alejandro Colomar dbb37b1b31 lib/string/: Move string-related files to string/ subdir
Signed-off-by: Alejandro Colomar <alx@kernel.org>
2023-12-03 12:22:11 -06:00