From 9af869c4145a668b6db9accdea554eb57895a25e Mon Sep 17 00:00:00 2001 From: Sean Anderson Date: Thu, 11 Mar 2021 00:15:42 -0500 Subject: [PATCH] lib: string: Implement strlcat This introduces strlcat, which provides a safer interface than strncat. It never copies more than its size bytes, including the terminating nul. In addition, it never reads past dest[size - 1], even if dest is not nul-terminated. This also removes the stub for dwc3 now that we have a proper implementation. Signed-off-by: Sean Anderson Reviewed-by: Simon Glass --- drivers/usb/dwc3/linux-compat.h | 6 ------ include/linux/string.h | 3 +++ lib/string.c | 19 +++++++++++++++++++ 3 files changed, 22 insertions(+), 6 deletions(-) diff --git a/drivers/usb/dwc3/linux-compat.h b/drivers/usb/dwc3/linux-compat.h index 82793765be..3bb0bda5a6 100644 --- a/drivers/usb/dwc3/linux-compat.h +++ b/drivers/usb/dwc3/linux-compat.h @@ -13,10 +13,4 @@ #define dev_WARN(dev, format, arg...) debug(format, ##arg) -static inline size_t strlcat(char *dest, const char *src, size_t n) -{ - strcat(dest, src); - return strlen(dest) + strlen(src); -} - #endif diff --git a/include/linux/string.h b/include/linux/string.h index d67998e5c4..dd255f2163 100644 --- a/include/linux/string.h +++ b/include/linux/string.h @@ -35,6 +35,9 @@ extern char * strcat(char *, const char *); #ifndef __HAVE_ARCH_STRNCAT extern char * strncat(char *, const char *, __kernel_size_t); #endif +#ifndef __HAVE_ARCH_STRLCAT +size_t strlcat(char *, const char *, size_t); +#endif #ifndef __HAVE_ARCH_STRCMP extern int strcmp(const char *,const char *); #endif diff --git a/lib/string.c b/lib/string.c index 1b867ac09d..a0cff8fe88 100644 --- a/lib/string.c +++ b/lib/string.c @@ -180,6 +180,25 @@ char * strncat(char *dest, const char *src, size_t count) } #endif +#ifndef __HAVE_ARCH_STRLCAT +/** + * strlcat - Append a length-limited, %NUL-terminated string to another + * @dest: The string to be appended to + * @src: The string to append to it + * @size: The size of @dest + * + * Compatible with *BSD: the result is always a valid NUL-terminated string that + * fits in the buffer (unless, of course, the buffer size is zero). It does not + * write past @size like strncat() does. + */ +size_t strlcat(char *dest, const char *src, size_t size) +{ + size_t len = strnlen(dest, size); + + return len + strlcpy(dest + len, src, size - len); +} +#endif + #ifndef __HAVE_ARCH_STRCMP /** * strcmp - Compare two strings -- 2.39.5