Discussion:
strlcat/strlcpy vs overlapping arguments
Jonathan Thornburg
2008-05-27 10:53:21 UTC
Permalink
In message <http://marc.info/?l=openbsd-tech&m=121183803128128&w=1>,
"Ted Unangst" <ted.unangst () gmail ! com> pointed out that
# strlcpy is wrong with overlapping arguments.

Should this be mentioned in the strlcpy/strlcat man page?
(It isn't as of 4.3-release.) Here's a suggested patch:

Index: strlcpy.3
===================================================================
RCS file: /cvs/src/lib/libc/string/strlcpy.3,v
retrieving revision 1.19
diff -u -r1.19 strlcpy.3
--- strlcpy.3 31 May 2007 19:19:32 -0000 1.19
+++ strlcpy.3 27 May 2008 10:51:45 -0000
@@ -88,6 +88,17 @@
It will append at most
.Fa size
- strlen(dst) - 1 bytes, NUL-terminating the result.
+.Pp
+.Fa src
+and
+.Fa dst
+must not overlap, i.e., no character copied by
+.Fn strlcpy
+or
+.Fn strlcat
+may be within the initial
+.Fa dst
+string.
.Sh RETURN VALUES
The
.Fn strlcpy

ciao,
--
-- Jonathan Thornburg (remove -animal to reply) <***@soton.ac-zebra.uk>
School of Mathematics, U of Southampton, England
"Washing one's hands of the conflict between the powerful and the
powerless means to side with the powerful, not to be neutral."
-- quote by Freire / poster by Oxfam
Ted Unangst
2008-05-27 16:41:33 UTC
Permalink
Post by Jonathan Thornburg
In message <http://marc.info/?l=openbsd-tech&m=121183803128128&w=1>,
"Ted Unangst" <ted.unangst () gmail ! com> pointed out that
# strlcpy is wrong with overlapping arguments.
Should this be mentioned in the strlcpy/strlcat man page?
Maybe. I think it logically follows that the same rules would apply
as they do for strcpy and strcat, without mentioning them all.
Theo de Raadt
2008-05-27 16:52:17 UTC
Permalink
Post by Ted Unangst
Post by Jonathan Thornburg
In message <http://marc.info/?l=openbsd-tech&m=121183803128128&w=1>,
"Ted Unangst" <ted.unangst () gmail ! com> pointed out that
# strlcpy is wrong with overlapping arguments.
Should this be mentioned in the strlcpy/strlcat man page?
Maybe. I think it logically follows that the same rules would apply
as they do for strcpy and strcat, without mentioning them all.
I agree with Ted. I think it is obvious, and does not need to be
stated. The manual pages describe the algorithm in sufficient detail.

If you can't program, then please -- don't program.
Craig Findlay
2008-05-27 23:09:52 UTC
Permalink
Post by Theo de Raadt
If you can't program, then please -- don't program.
Hmmm, not sure if I agree with that, I no one ever tried to do things
that they can't do, the world would be a sorry place.

Craig
Theo de Raadt
2008-05-27 23:16:47 UTC
Permalink
Post by Craig Findlay
Post by Theo de Raadt
If you can't program, then please -- don't program.
Hmmm, not sure if I agree with that, I no one ever tried to do things
that they can't do, the world would be a sorry place.
So you'll go write the next great buffer overflowing program and
punish all the people who use it?

If you can't use strcpy and strlcpy correctly, then you should not
be a programmer.
Tony Abernethy
2008-05-27 23:43:04 UTC
Permalink
Post by Craig Findlay
Post by Theo de Raadt
If you can't program, then please -- don't program.
Hmmm, not sure if I agree with that, I no one ever tried to do things
that they can't do, the world would be a sorry place.
Craig
A monkey MIGHT sit down to a typewriter and write a novel.
However, that is not the way to bet.


Overlapping parameters on a memory to memory copy:
That turf belongs to non-portable code and bare assembly
where it is the programmer's whim that dictates storage order.

Any "high-level" code that depends on that kind of behavior
has gotta be suicidal.
Glenn Becker
2008-05-28 00:18:06 UTC
Permalink
Post by Tony Abernethy
A monkey MIGHT sit down to a typewriter and write a novel.
However, that is not the way to bet.
With all due respect, it is also (strictly speaking) possible that someone
might be born knowing how to program and therefore never need to
experiment or make mistakes; however, I wouldn't lay my money there,
either.

+-----------------------------------------------------+
Glenn Becker - ***@sdf.lonestar.org
SDF Public Access UNIX System - http://sdf.lonestar.org
+-----------------------------------------------------+
Tony Abernethy
2008-05-28 01:13:40 UTC
Permalink
Post by Glenn Becker
Post by Tony Abernethy
A monkey MIGHT sit down to a typewriter and write a novel.
However, that is not the way to bet.
With all due respect, it is also (strictly speaking) possible
that someone
might be born knowing how to program and therefore never need to
experiment or make mistakes; however, I wouldn't lay my money there,
either.
Quibble about the THEREFORE.

People who know how to program, born that way or otherwise,
know how to experiment and profit from mistakes.
Seems that it is only the people who do NOT know how to program
that assume that they cannot make mistakes
and do not need to experiment.

Pollywog
2008-05-27 23:55:08 UTC
Permalink
Post by Craig Findlay
Post by Theo de Raadt
If you can't program, then please -- don't program.
Hmmm, not sure if I agree with that, I no one ever tried to do things
that they can't do, the world would be a sorry place.
I think the advice should have been not to program *professionally* until one
knows what he or she is doing. Nobody is born a programmer.
Ted Unangst
2008-05-28 01:07:21 UTC
Permalink
Post by Theo de Raadt
If you can't program, then please -- don't program.
Hmmm, not sure if I agree with that, I no one ever tried to do things that
they can't do, the world would be a sorry place.
the man pages are not intended to be a replacement for "learn to
program in c in 24 hours". if you are lacking elementary principles,
the solution is to find a better (different) introduction, not dumb
down the man pages.
Loading...