From b54e5d1c9257cf1f55f46613aa438bce8fe73d10 Mon Sep 17 00:00:00 2001 From: Florian Weimer Date: Wed, 14 Jun 2023 18:10:24 +0200 Subject: Add the wcslcpy, wcslcat functions These functions are about to be added to POSIX, under Austin Group issue 986. Reviewed-by: Siddhesh Poyarekar --- wcsmbs/Makefile | 4 +++ wcsmbs/Versions | 2 ++ wcsmbs/bits/wchar2.h | 39 ++++++++++++++++++++++ wcsmbs/tst-wcslcat.c | 93 ++++++++++++++++++++++++++++++++++++++++++++++++++++ wcsmbs/tst-wcslcpy.c | 78 +++++++++++++++++++++++++++++++++++++++++++ wcsmbs/wchar.h | 13 ++++++++ wcsmbs/wcslcat.c | 60 +++++++++++++++++++++++++++++++++ wcsmbs/wcslcpy.c | 46 ++++++++++++++++++++++++++ 8 files changed, 335 insertions(+) create mode 100644 wcsmbs/tst-wcslcat.c create mode 100644 wcsmbs/tst-wcslcpy.c create mode 100644 wcsmbs/wcslcat.c create mode 100644 wcsmbs/wcslcpy.c (limited to 'wcsmbs') diff --git a/wcsmbs/Makefile b/wcsmbs/Makefile index ea8ea7b..d8512c8 100644 --- a/wcsmbs/Makefile +++ b/wcsmbs/Makefile @@ -74,6 +74,8 @@ routines := \ wcscpy \ wcscspn \ wcsdup \ + wcslcat \ + wcslcpy \ wcslen \ wcsmbsload \ wcsncase \ @@ -155,6 +157,8 @@ tests := \ tst-wchar-h \ tst-wcpncpy \ tst-wcrtomb \ + tst-wcslcat \ + tst-wcslcpy \ tst-wcsnlen \ tst-wcstod-nan-locale \ tst-wcstod-nan-sign \ diff --git a/wcsmbs/Versions b/wcsmbs/Versions index 2d93913..7bdfe43 100644 --- a/wcsmbs/Versions +++ b/wcsmbs/Versions @@ -65,5 +65,7 @@ libc { __isoc23_vswscanf; __isoc23_vwscanf; __isoc23_wscanf; + wcslcat; + wcslcpy; } } diff --git a/wcsmbs/bits/wchar2.h b/wcsmbs/bits/wchar2.h index 8b41e6f..9def8e9 100644 --- a/wcsmbs/bits/wchar2.h +++ b/wcsmbs/bits/wchar2.h @@ -199,6 +199,45 @@ __NTH (wcsncat (wchar_t *__restrict __dest, const wchar_t *__restrict __src, return __wcsncat_alias (__dest, __src, __n); } +#ifdef __USE_MISC +extern size_t __wcslcpy_chk (wchar_t *__dest, const wchar_t *__src, size_t __n, + size_t __destlen) __THROW; +extern size_t __REDIRECT_NTH (__wcslcpy_alias, + (wchar_t *__dest, const wchar_t *__src, + size_t __n), wcslcpy); + +__fortify_function size_t +__NTH (wcslcpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src, + size_t __n)) +{ + if (__glibc_objsize (__dest) != (size_t) -1 + && (!__builtin_constant_p (__n + > __glibc_objsize (__dest) / sizeof (wchar_t)) + || __n > __glibc_objsize (__dest) / sizeof (wchar_t))) + return __wcslcpy_chk (__dest, __src, __n, + __glibc_objsize (__dest) / sizeof (wchar_t)); + return __wcslcpy_alias (__dest, __src, __n); +} + +extern size_t __wcslcat_chk (wchar_t *__dest, const wchar_t *__src, size_t __n, + size_t __destlen) __THROW; +extern size_t __REDIRECT_NTH (__wcslcat_alias, + (wchar_t *__dest, const wchar_t *__src, + size_t __n), wcslcat); + +__fortify_function size_t +__NTH (wcslcat (wchar_t *__restrict __dest, const wchar_t *__restrict __src, + size_t __n)) +{ + if (__glibc_objsize (__dest) != (size_t) -1 + && (!__builtin_constant_p (__n > __glibc_objsize (__dest) + / sizeof (wchar_t)) + || __n > __glibc_objsize (__dest) / sizeof (wchar_t))) + return __wcslcat_chk (__dest, __src, __n, + __glibc_objsize (__dest) / sizeof (wchar_t)); + return __wcslcat_alias (__dest, __src, __n); +} +#endif /* __USE_MISC */ extern int __REDIRECT_NTH_LDBL (__swprintf_alias, diff --git a/wcsmbs/tst-wcslcat.c b/wcsmbs/tst-wcslcat.c new file mode 100644 index 0000000..63c3a16 --- /dev/null +++ b/wcsmbs/tst-wcslcat.c @@ -0,0 +1,93 @@ +/* Test the wcslcat function. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include +#include + +static int +do_test (void) +{ + struct { + wchar_t buf1[16]; + wchar_t buf2[16]; + } s; + + /* Nothing is written to the destination if its size is 0. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcat (s.buf1, L"", 0), 0); + TEST_COMPARE_BLOB (&s, sizeof (s), L"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + TEST_COMPARE (wcslcat (s.buf1, L"Hello!", 0), 6); + TEST_COMPARE_BLOB (&s, sizeof (s), L"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* No bytes are are modified in the target buffer if the source + string is short enough. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + wcscpy (s.buf1, L"He"); + TEST_COMPARE (wcslcat (s.buf1, L"llo!", array_length (s.buf1)), 6); + TEST_COMPARE_BLOB (&s, sizeof (s), L"Hello!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* A source string which fits exactly into the destination buffer is + not truncated. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + wcscpy (s.buf1, L"H"); + TEST_COMPARE (wcslcat (s.buf1, L"ello, world!!!", array_length (s.buf1)), + 15); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* A source string one character longer than the destination buffer + is truncated by one character. The total length is returned. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + wcscpy (s.buf1, L"Hello"); + TEST_COMPARE (wcslcat (s.buf1, L", world!!!!", array_length (s.buf1)), 16); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* An even longer source string is truncated as well, and the total + length is returned. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + wcscpy (s.buf1, L"Hello,"); + TEST_COMPARE (wcslcat (s.buf1, L" world!!!!!!!!", array_length (s.buf1)), + 20); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* A destination string which is not NUL-terminated does not result + in any changes to the buffer. */ + wmemset (s.buf1, '$', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcat (s.buf1, L"", array_length (s.buf1)), 16); + TEST_COMPARE_BLOB (&s, sizeof (s), L"$$$$$$$$$$$$$$$$@@@@@@@@@@@@@@@@", 128); + TEST_COMPARE (wcslcat (s.buf1, L"Hello!", array_length (s.buf1)), 22); + TEST_COMPARE_BLOB (&s, sizeof (s), L"$$$$$$$$$$$$$$$$@@@@@@@@@@@@@@@@", 128); + TEST_COMPARE (wcslcat (s.buf1, L"Hello, world!!!!!!!!", + array_length (s.buf1)), 36); + TEST_COMPARE_BLOB (&s, sizeof (s), L"$$$$$$$$$$$$$$$$@@@@@@@@@@@@@@@@", 128); + + return 0; +} + +#include diff --git a/wcsmbs/tst-wcslcpy.c b/wcsmbs/tst-wcslcpy.c new file mode 100644 index 0000000..8eaffbf --- /dev/null +++ b/wcsmbs/tst-wcslcpy.c @@ -0,0 +1,78 @@ +/* Test the wcslcpy function. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include +#include +#include +#include + +static int +do_test (void) +{ + struct { + wchar_t buf1[16]; + wchar_t buf2[16]; + } s; + + /* Nothing is written to the destination if its size is 0. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcpy (s.buf1, L"Hello!", 0), 6); + TEST_COMPARE_BLOB (&s, sizeof (s), L"@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* No bytes are are modified in the target buffer if the source + string is short enough. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcpy (s.buf1, L"Hello!", array_length (s.buf1)), 6); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* A source string which fits exactly into the destination buffer is + not truncated. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcpy (s.buf1, L"Hello, world!!!", array_length (s.buf1)), + 15); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* A source string one character longer than the destination buffer + is truncated by one character. The untruncated source length is + returned. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcpy (s.buf1, L"Hello, world!!!!", array_length (s.buf1)), + 16); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + /* An even longer source string is truncated as well, and the + original length is returned. */ + wmemset (s.buf1, '@', array_length (s.buf1)); + wmemset (s.buf2, '@', array_length (s.buf2)); + TEST_COMPARE (wcslcpy (s.buf1, L"Hello, world!!!!!!!!", + array_length (s.buf1)), 20); + TEST_COMPARE_BLOB (&s, sizeof (s), + L"Hello, world!!!\0@@@@@@@@@@@@@@@@@@@@@@@@@", 128); + + return 0; +} + +#include diff --git a/wcsmbs/wchar.h b/wcsmbs/wchar.h index d16f2e6..531b3c8 100644 --- a/wcsmbs/wchar.h +++ b/wcsmbs/wchar.h @@ -104,6 +104,19 @@ extern wchar_t *wcsncpy (wchar_t *__restrict __dest, const wchar_t *__restrict __src, size_t __n) __THROW __nonnull ((1, 2)); +#ifdef __USE_MISC +/* Copy at most N - 1 characters from SRC to DEST. */ +extern size_t wcslcpy (wchar_t *__restrict __dest, + const wchar_t *__restrict __src, size_t __n) + __THROW __nonnull ((1, 2)) __attr_access ((__write_only__, 1, 3)); + +/* Append SRC to DEST, possibly with truncation to keep the total size + below N. */ +extern size_t wcslcat (wchar_t *__restrict __dest, + const wchar_t *__restrict __src, size_t __n) + __THROW __nonnull ((1, 2)) __attr_access ((__read_write__, 1, 3)); +#endif + /* Append SRC onto DEST. */ extern wchar_t *wcscat (wchar_t *__restrict __dest, const wchar_t *__restrict __src) diff --git a/wcsmbs/wcslcat.c b/wcsmbs/wcslcat.c new file mode 100644 index 0000000..3bac6a2 --- /dev/null +++ b/wcsmbs/wcslcat.c @@ -0,0 +1,60 @@ +/* Append a null-terminated wide string to another, with length checking. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include +#include + +size_t +__wcslcat (wchar_t *__restrict dest, const wchar_t *__restrict src, + size_t size) +{ + size_t src_length = __wcslen (src); + + /* Our implementation strlcat supports dest == NULL if size == 0 + (for consistency with snprintf and strlcpy), but wcsnlen does + not, so we have to cover this case explicitly. */ + if (size == 0) + return src_length; + + size_t dest_length = __wcsnlen (dest, size); + if (dest_length != size) + { + /* Copy at most the remaining number of characters in the + destination buffer. Leave for the null terminator. */ + size_t to_copy = size - dest_length - 1; + /* But not more than what is available in the source string. */ + if (to_copy > src_length) + to_copy = src_length; + + wchar_t *target = dest + dest_length; + __wmemcpy (target, src, to_copy); + target[to_copy] = '\0'; + } + + /* If the sum wraps around, we have more than SIZE_MAX + 2 bytes in + the two input strings (including both null terminators). If each + byte in the address space can be assigned a unique size_t value + (which the static_assert checks), then by the pigeonhole + principle, the two input strings must overlap, which is + undefined. */ + _Static_assert (sizeof (uintptr_t) == sizeof (size_t), + "theoretical maximum object size covers address space"); + return dest_length + src_length; +} +libc_hidden_def (__wcslcat) +weak_alias (__wcslcat, wcslcat) diff --git a/wcsmbs/wcslcpy.c b/wcsmbs/wcslcpy.c new file mode 100644 index 0000000..a1b1f1b --- /dev/null +++ b/wcsmbs/wcslcpy.c @@ -0,0 +1,46 @@ +/* Copy a null-terminated wide string to a fixed-size buffer. + Copyright (C) 2023 Free Software Foundation, Inc. + This file is part of the GNU C Library. + + The GNU C Library is free software; you can redistribute it and/or + modify it under the terms of the GNU Lesser General Public + License as published by the Free Software Foundation; either + version 2.1 of the License, or (at your option) any later version. + + The GNU C Library is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU + Lesser General Public License for more details. + + You should have received a copy of the GNU Lesser General Public + License along with the GNU C Library; if not, see + . */ + +#include + +size_t +__wcslcpy (wchar_t *__restrict dest, const wchar_t *__restrict src, size_t size) +{ + size_t src_length = __wcslen (src); + + if (__glibc_unlikely (src_length >= size)) + { + if (size > 0) + { + /* Copy the leading portion of the string. The last + character is subsequently overwritten with the null + terminator, but the destination size is usually a + multiple of a small power of two, so writing it twice + should be more efficient than copying an odd number of + character. */ + __wmemcpy (dest, src, size); + dest[size - 1] = '\0'; + } + } + else + /* Copy the string and its terminating null character. */ + __wmemcpy (dest, src, src_length + 1); + return src_length; +} +libc_hidden_def (__wcslcpy) +weak_alias (__wcslcpy, wcslcpy) -- cgit v1.1