From: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Date: Tue, 17 May 2016 01:42:40 +0000 (-0400)
Subject: Implement lttng_strncpy safe string copy
X-Git-Tag: v2.9.0-rc1~234
X-Git-Url: https://git.lttng.org/?p=lttng-tools.git;a=commitdiff_plain;h=f6835b82a8dbb3a9688c7b28fd4d673dca371272

Implement lttng_strncpy safe string copy

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Signed-off-by: Jérémie Galarneau <jeremie.galarneau@efficios.com>
---

diff --git a/src/common/macros.h b/src/common/macros.h
index 308d3d57a..930438855 100644
--- a/src/common/macros.h
+++ b/src/common/macros.h
@@ -20,6 +20,7 @@
 #define _MACROS_H
 
 #include <stdlib.h>
+#include <string.h>
 
 /*
  * Takes a pointer x and transform it so we can use it to access members
@@ -76,4 +77,28 @@ void *zmalloc(size_t len)
 #define LTTNG_HIDDEN __attribute__((visibility("hidden")))
 #endif
 
+/*
+ * lttng_strncpy returns 0 on success, or nonzero on failure.
+ * It checks that the @src string fits into @dst_len before performing
+ * the copy. On failure, no copy has been performed.
+ *
+ * dst_len includes the string's trailing NULL.
+ */
+static inline
+int lttng_strncpy(char *dst, const char *src, size_t dst_len)
+{
+	if (strnlen(src, dst_len) == dst_len) {
+		/* Fail since copying would result in truncation. */
+		return -1;
+	}
+	strncpy(dst, src, dst_len);
+	/*
+	 * Be extra careful and put final \0 at the end after strncpy(),
+	 * even though we checked the length before. This makes Coverity
+	 * happy.
+	 */
+	dst[dst_len - 1] = '\0';
+	return 0;
+}
+
 #endif /* _MACROS_H */