This is the mail archive of the glibc-bugs@sources.redhat.com mailing list for the glibc project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[Bug manual/431] New: description and example for strncat is incorrect and error prone


The description for function strncat in section "Copying and Concatenation" of 
the glibc manual states that strncat can be implemented this way:

char *strncat (char *to, const char *from, size_t size){
   to[strlen (to) + size] = '\0';
   strncpy (to + strlen (to), from, size);
   return to;
}
          
This is incorrect as more than strlen(from)+1 characters are appended to the 
destination array "to".  It conficts with the C99 description : appended 
characters are said to come from "from" and that NUL and subsequent characters 
are not copied.
The implementation in string/bits/string2.h does not contain this erroneous 
behaviour.

Furthermore, the example provided for strncpy and strncat just below is typical 
of bad programming practice, leading unsuspecting readers to produce buggy code:

- the propotype for main without a return type (or void) is deprecated, and 
incorrect by C99 standard.
- the assumption made in this code that SIZE be larger than strlen("hello") is 
implicit and undocumented!  If it were not the case, buffer would not be NUL 
terminated and both puts and strlen would have undefined behaviour, and strncat 
would very likely produce a buffer overflow.

It sets a bad example.  I have seen so many programmers bitten by this kind of 
code, even savvy hackers, that I think it does not belong in the GNU libc 
manual.

As a matter of fact, I think strncpy and strncat should be described as error 
prone and frowned upon.

Chqrlie

-- 
           Summary: description and example for strncat is incorrect and
                    error prone
           Product: glibc
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: manual
        AssignedTo: roland at gnu dot org
        ReportedBy: gmane at chqrlie dot org
                CC: glibc-bugs at sources dot redhat dot com


http://sources.redhat.com/bugzilla/show_bug.cgi?id=431

------- You are receiving this mail because: -------
You are on the CC list for the bug, or are watching someone who is.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]