View Issue Details

IDProjectCategoryView StatusLast Update
0001726Issue 8 draftsSystem Interfacespublic2024-06-11 09:12
ReporterFlorian Weimer Assigned To 
PrioritynormalSeverityEditorialTypeClarification Requested
Status ClosedResolutionAccepted As Marked 
Product VersionDraft 3 
NameFlorian Weimer
OrganizationRed Hat
User Referenceswbz#178
Sectionstrlcat
Page Number2133
Line Number69861
Final Accepted Text0001726:0006382
Summary0001726: strlcat specification is ambiguous regarding return value
DescriptionA glibc developer tried to implement a hand-written assembler version of strlcat based on the POSIX specification and the OpenBSD manual page, and they were surprised when our test suite flagged their implementation as broken.

Effectively, we test that

  strlcat (buf, src, 0)

is equivalent to:

  strlen (src)

But the specification can be easily read as saying that it should be

  strlen (buf) + strlen (src)

i.e., that it does not matter whether the original contents of the destination buffer contains null bytes or not.
Desired ActionExisting implementations use the buffer size as a bound for the length of the original buffer contents. This is documented fairly explicitly in the Solaris manual page:

“The function returns min{dstsize, strlen(dst)} + strlen(src).”

<https://docs.oracle.com/cd/E36784_01/html/E36874/strlcat-3c.html>

I think the POSIX version should be change so that it is clear that it does not mandate a different behavior. Either it should say explicitly that the return value of strlcat is

  strnlen(dst, dstsize) + strlen(src)

or that strlcat behavior is undefined if there is no null byte among the first dstsize bytes in the buffer at buf.
Tagsapplied_after_i8d3, issue8

Activities

Florian Weimer

2023-05-10 06:30

reporter   bugnote:0006277

Sorry, the <> markup garbled the link, it should be: https://docs.oracle.com/cd/E36784_01/html/E36874/strlcat-3c.html

geoffclare

2023-07-10 16:24

manager   bugnote:0006382

Change:
Upon successful completion, the strlcat() function shall return the initial length of the string pointed to by dst plus the length of the string pointed to by src.
to:
Upon successful completion, the strlcat() function shall return the initial length of the string (if any) pointed to by dst, as limited by dstsize, plus the length of the string pointed to by src; that is, the value that would be returned by strnlen(dst, dstsize) + strlen(src) before the strlcat() call.

Issue History

Date Modified Username Field Change
2023-05-10 06:29 Florian Weimer New Issue
2023-05-10 06:29 Florian Weimer Name => Florian Weimer
2023-05-10 06:29 Florian Weimer Organization => Red Hat
2023-05-10 06:29 Florian Weimer User Reference => swbz#178
2023-05-10 06:29 Florian Weimer Section => strlcat
2023-05-10 06:29 Florian Weimer Page Number => unknown
2023-05-10 06:29 Florian Weimer Line Number => unknown
2023-05-10 06:30 Florian Weimer Note Added: 0006277
2023-05-23 14:01 geoffclare Project 1003.1(2013)/Issue7+TC1 => Issue 8 drafts
2023-05-23 14:03 geoffclare Page Number unknown => 2133
2023-05-23 14:03 geoffclare Line Number unknown => 69861
2023-05-23 14:03 geoffclare Product Version => Draft 3
2023-07-10 16:24 geoffclare Note Added: 0006382
2023-07-10 16:25 geoffclare Final Accepted Text => 0001726:0006382
2023-07-10 16:25 geoffclare Status New => Resolved
2023-07-10 16:25 geoffclare Resolution Open => Accepted As Marked
2023-07-10 16:25 geoffclare Tag Attached: issue8
2023-08-08 11:09 geoffclare Status Resolved => Applied
2023-08-08 11:09 geoffclare Tag Attached: applied_after_i8d3
2024-06-11 09:12 agadmin Status Applied => Closed