From 827753582e326eb9045deb39a347a4f9f403717a Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Sat, 26 Aug 2023 14:59:13 +0200 Subject: [PATCH 01/12] lib/subordinateio.c: get_owner_id(): Use snprintf_() instead of its pattern Signed-off-by: Alejandro Colomar --- lib/subordinateio.c | 9 ++------- 1 file changed, 2 insertions(+), 7 deletions(-) diff --git a/lib/subordinateio.c b/lib/subordinateio.c index acd3f1ffdc..1fe63c58ea 100644 --- a/lib/subordinateio.c +++ b/lib/subordinateio.c @@ -823,7 +823,6 @@ static bool get_owner_id(const char *owner, enum subid_type id_type, char *id) { struct passwd *pw; struct group *gr; - int ret = 0; switch (id_type) { case ID_TYPE_UID: @@ -831,20 +830,16 @@ static bool get_owner_id(const char *owner, enum subid_type id_type, char *id) if (pw == NULL) { return false; } - ret = snprintf(id, ID_SIZE, "%u", pw->pw_uid); - if (ret < 0 || ret >= ID_SIZE) { + if (snprintf_(id, ID_SIZE, "%u", pw->pw_uid) == -1) return false; - } break; case ID_TYPE_GID: gr = getgrnam(owner); if (gr == NULL) { return false; } - ret = snprintf(id, ID_SIZE, "%u", gr->gr_gid); - if (ret < 0 || ret >= ID_SIZE) { + if (snprintf_(id, ID_SIZE, "%u", gr->gr_gid) == -1) return false; - } break; default: return false; From 326ecbbb5ebd74a0b96dee89c4092c87b4b85307 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Sat, 8 Feb 2025 16:13:39 +0100 Subject: [PATCH 02/12] lib/string/: vsnprintf_(), strtcpy(): Set errno = E2BIG on truncation Signed-off-by: Alejandro Colomar --- lib/string/sprintf/snprintf.h | 7 +++++-- lib/string/strcpy/strtcpy.h | 5 ++++- 2 files changed, 9 insertions(+), 3 deletions(-) diff --git a/lib/string/sprintf/snprintf.h b/lib/string/sprintf/snprintf.h index f6dee1245f..dc60094575 100644 --- a/lib/string/sprintf/snprintf.h +++ b/lib/string/sprintf/snprintf.h @@ -1,4 +1,4 @@ -// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar +// SPDX-FileCopyrightText: 2023-2025, Alejandro Colomar // SPDX-License-Identifier: BSD-3-Clause @@ -8,6 +8,7 @@ #include "config.h" +#include #include #include #include @@ -53,8 +54,10 @@ vsnprintf_(char *restrict s, size_t size, const char *restrict fmt, va_list ap) len = vsnprintf(s, size, fmt, ap); if (len == -1) return -1; - if ((size_t) len >= size) + if ((size_t) len >= size) { + errno = E2BIG; return -1; + } return len; } diff --git a/lib/string/strcpy/strtcpy.h b/lib/string/strcpy/strtcpy.h index a440bcdfb3..4b9d34b722 100644 --- a/lib/string/strcpy/strtcpy.h +++ b/lib/string/strcpy/strtcpy.h @@ -8,6 +8,7 @@ #include "config.h" +#include #include #include #include @@ -42,8 +43,10 @@ strtcpy(char *restrict dst, const char *restrict src, size_t dsize) stpcpy(mempcpy(dst, src, dlen), ""); - if (trunc) + if (trunc) { + errno = E2BIG; return -1; + } return slen; } From fbafef2a940b46fca7c8cd12c83257a3da21a02c Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Sat, 8 Feb 2025 16:19:02 +0100 Subject: [PATCH 03/12] lib/string/sprintf/: snprintf_(): Use ssize_t instead of size_t in $2 vsnprintf(3) returns an int. By using ssize_t, which is also signed, we avoid the need for a cast. Cc: Serge Hallyn Signed-off-by: Alejandro Colomar --- lib/string/sprintf/snprintf.c | 8 ++++---- lib/string/sprintf/snprintf.h | 13 ++++++------- 2 files changed, 10 insertions(+), 11 deletions(-) diff --git a/lib/string/sprintf/snprintf.c b/lib/string/sprintf/snprintf.c index e3755da76b..f4ede2596a 100644 --- a/lib/string/sprintf/snprintf.c +++ b/lib/string/sprintf/snprintf.c @@ -1,4 +1,4 @@ -// SPDX-FileCopyrightText: 2023-2024, Alejandro Colomar +// SPDX-FileCopyrightText: 2023-2025, Alejandro Colomar // SPDX-License-Identifier: BSD-3-Clause @@ -7,10 +7,10 @@ #include "string/sprintf/snprintf.h" #include -#include +#include -extern inline int snprintf_(char *restrict s, size_t size, +extern inline int snprintf_(char *restrict s, ssize_t size, const char *restrict fmt, ...); -extern inline int vsnprintf_(char *restrict s, size_t size, +extern inline int vsnprintf_(char *restrict s, ssize_t size, const char *restrict fmt, va_list ap); diff --git a/lib/string/sprintf/snprintf.h b/lib/string/sprintf/snprintf.h index dc60094575..62be874922 100644 --- a/lib/string/sprintf/snprintf.h +++ b/lib/string/sprintf/snprintf.h @@ -10,8 +10,8 @@ #include #include -#include #include +#include #include "attr.h" #include "sizeof.h" @@ -25,15 +25,14 @@ format_attr(printf, 3, 4) -inline int snprintf_(char *restrict s, size_t size, const char *restrict fmt, - ...); +inline int snprintf_(char *restrict s, ssize_t size, const char *restrict fmt, ...); format_attr(printf, 3, 0) -inline int vsnprintf_(char *restrict s, size_t size, const char *restrict fmt, +inline int vsnprintf_(char *restrict s, ssize_t size, const char *restrict fmt, va_list ap); inline int -snprintf_(char *restrict s, size_t size, const char *restrict fmt, ...) +snprintf_(char *restrict s, ssize_t size, const char *restrict fmt, ...) { int len; va_list ap; @@ -47,14 +46,14 @@ snprintf_(char *restrict s, size_t size, const char *restrict fmt, ...) inline int -vsnprintf_(char *restrict s, size_t size, const char *restrict fmt, va_list ap) +vsnprintf_(char *restrict s, ssize_t size, const char *restrict fmt, va_list ap) { int len; len = vsnprintf(s, size, fmt, ap); if (len == -1) return -1; - if ((size_t) len >= size) { + if (len >= size) { errno = E2BIG; return -1; } From a0a70d732465d2ea76ddc2f936344f565997eec2 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Fri, 5 Dec 2025 12:15:44 +0100 Subject: [PATCH 04/12] lib/string/: vsnprintf_(), strtcpy(): abort() if size==0 There's nothing better that can be done. Cc: Serge Hallyn Signed-off-by: Alejandro Colomar --- lib/string/sprintf/snprintf.h | 4 ++++ lib/string/strcpy/strtcpy.h | 3 ++- 2 files changed, 6 insertions(+), 1 deletion(-) diff --git a/lib/string/sprintf/snprintf.h b/lib/string/sprintf/snprintf.h index 62be874922..9d373d9401 100644 --- a/lib/string/sprintf/snprintf.h +++ b/lib/string/sprintf/snprintf.h @@ -11,6 +11,7 @@ #include #include #include +#include #include #include "attr.h" @@ -50,6 +51,9 @@ vsnprintf_(char *restrict s, ssize_t size, const char *restrict fmt, va_list ap) { int len; + if (size == 0) + abort(); + len = vsnprintf(s, size, fmt, ap); if (len == -1) return -1; diff --git a/lib/string/strcpy/strtcpy.h b/lib/string/strcpy/strtcpy.h index 4b9d34b722..a8c3f865ac 100644 --- a/lib/string/strcpy/strtcpy.h +++ b/lib/string/strcpy/strtcpy.h @@ -11,6 +11,7 @@ #include #include #include +#include #include #include @@ -35,7 +36,7 @@ strtcpy(char *restrict dst, const char *restrict src, size_t dsize) size_t dlen, slen; if (dsize == 0) - return -1; + abort(); slen = strnlen(src, dsize); trunc = (slen == dsize); From a5ccc917452dc67f5547e27bcb24f419f207cf65 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Sat, 8 Feb 2025 14:41:16 +0100 Subject: [PATCH 05/12] lib/string/: Redesign stpecpy() and stpeprintf() Make them report truncation via errno and NULL. Instead of having three possible returns (a pointer to the NUL byte, the end of the array, or NULL), reduce it to two possible ones: one for success, and one for error. Use errno, which is a common way to signal the specific error, and thus treat truncation as any other error. This simplifies error handling after these calls. Also, if one misuses a pointer after truncation, the results are better if the pointer is NULL: the program will easily abort. If we returned 'end', the program could more easily produce a buffer overrun. Suggested-by: Douglas McIlroy Signed-off-by: Alejandro Colomar --- lib/string/sprintf/stpeprintf.h | 26 +++++++++----------------- lib/string/strcpy/stpecpy.h | 28 +++++++++++++++------------- 2 files changed, 24 insertions(+), 30 deletions(-) diff --git a/lib/string/sprintf/stpeprintf.h b/lib/string/sprintf/stpeprintf.h index b0048c4441..19987caaaa 100644 --- a/lib/string/sprintf/stpeprintf.h +++ b/lib/string/sprintf/stpeprintf.h @@ -10,9 +10,9 @@ #include #include -#include #include "attr.h" +#include "string/sprintf/snprintf.h" #if !defined(HAVE_STPEPRINTF) @@ -57,20 +57,17 @@ inline char *vstpeprintf(char *dst, char *end, const char *restrict fmt, * * RETURN VALUE * dst + strlen(dst) - * • On success, these functions return a pointer to the - * terminating NUL byte. + * On success, these functions return a pointer to the + * terminating NUL byte. * - * end - * • If this call truncated the resulting string. - * • If `dst == end` (a previous chained call to these - * functions truncated). - * NULL - * • If this function failed (see ERRORS). - * • If `dst == NULL` (a previous chained call to these - * functions failed). + * NULL On error. * * ERRORS + * E2BIG The string was truncated. + * * These functions may fail for the same reasons as vsnprintf(3). + * + * If dst is NULL at input, this function doesn't clobber errno. */ @@ -97,18 +94,13 @@ vstpeprintf(char *dst, char *end, const char *restrict fmt, va_list ap) int len; ptrdiff_t size; - if (dst == end) - return end; if (dst == NULL) return NULL; size = end - dst; - len = vsnprintf(dst, size, fmt, ap); - + len = vsnprintf_(dst, size, fmt, ap); if (len == -1) return NULL; - if (len >= size) - return end; return dst + len; } diff --git a/lib/string/strcpy/stpecpy.h b/lib/string/strcpy/stpecpy.h index 91c6ce7a7f..6719bb2a13 100644 --- a/lib/string/strcpy/stpecpy.h +++ b/lib/string/strcpy/stpecpy.h @@ -8,6 +8,7 @@ #include "config.h" +#include #include #include #include @@ -47,19 +48,15 @@ inline char *stpecpy(char *dst, char *end, const char *restrict src); * * RETURN VALUE * dst + strlen(dst) - * • On success, this function returns a pointer to the - * terminating NUL byte. + * On success, this function returns a pointer to the + * terminating NUL byte. * - * end - * • If this call truncated the resulting string. - * • If `dst == end` (a previous chained call to these - * functions truncated). - * NULL - * • If `dst == NULL` (a previous chained call to - * [v]stpeprintf() failed). + * NULL On error. * * ERRORS - * This function doesn't set errno. + * E2BIG The string was truncated. + * + * If dst is NULL at input, this function doesn't clobber errno. */ @@ -68,10 +65,9 @@ inline char * stpecpy(char *dst, char *end, const char *restrict src) { bool trunc; + char *p; size_t dsize, dlen, slen; - if (dst == end) - return end; if (dst == NULL) return NULL; @@ -80,7 +76,13 @@ stpecpy(char *dst, char *end, const char *restrict src) trunc = (slen == dsize); dlen = slen - trunc; - return stpcpy(mempcpy(dst, src, dlen), "") + trunc; + p = stpcpy(mempcpy(dst, src, dlen), ""); + if (trunc) { + errno = E2BIG; + return NULL; + } + + return p; } #endif From 8c252c1b07334b71ab31e8635055eb64c400b439 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Mon, 10 Feb 2025 14:49:53 +0100 Subject: [PATCH 06/12] lib/string/: Compact documentation In the case of [v]snprintf_(), anticipate the rename in the next commit. Signed-off-by: Alejandro Colomar --- lib/string/sprintf/snprintf.h | 9 ++++-- lib/string/sprintf/stpeprintf.h | 49 ++------------------------------- lib/string/strcpy/stpecpy.h | 39 +------------------------- 3 files changed, 9 insertions(+), 88 deletions(-) diff --git a/lib/string/sprintf/snprintf.h b/lib/string/sprintf/snprintf.h index 9d373d9401..bc55b9ba91 100644 --- a/lib/string/sprintf/snprintf.h +++ b/lib/string/sprintf/snprintf.h @@ -25,11 +25,14 @@ ) +// stprintf - string truncate print formatted format_attr(printf, 3, 4) -inline int snprintf_(char *restrict s, ssize_t size, const char *restrict fmt, ...); +inline int snprintf_(char *restrict s, ssize_t size, + const char *restrict fmt, ...); +// vstprintf - va_list string truncate print formatted format_attr(printf, 3, 0) -inline int vsnprintf_(char *restrict s, ssize_t size, const char *restrict fmt, - va_list ap); +inline int vsnprintf_(char *restrict s, ssize_t size, + const char *restrict fmt, va_list ap); inline int diff --git a/lib/string/sprintf/stpeprintf.h b/lib/string/sprintf/stpeprintf.h index 19987caaaa..dc422bade8 100644 --- a/lib/string/sprintf/stpeprintf.h +++ b/lib/string/sprintf/stpeprintf.h @@ -16,61 +16,16 @@ #if !defined(HAVE_STPEPRINTF) +// stpeprintf - string offset-pointer end-pointer print formatted format_attr(printf, 3, 4) inline char *stpeprintf(char *dst, char *end, const char *restrict fmt, ...); +// vstpeprintf - va_list string offset-pointer end-pointer print formatted format_attr(printf, 3, 0) inline char *vstpeprintf(char *dst, char *end, const char *restrict fmt, va_list ap); #endif -/* - * SYNOPSIS - * [[gnu::format(printf, 3, 4)]] - * char *_Nullable stpeprintf(char *_Nullable dst, char end[0], - * const char *restrict fmt, ...); - * - * [[gnu::format(printf, 3, 0)]] - * char *_Nullable vstpeprintf(char *_Nullable dst, char end[0], - * const char *restrict fmt, va_list ap); - * - * - * ARGUMENTS - * dst Destination buffer where to write a string. - * - * end Pointer to one after the last element of the buffer - * pointed to by `dst`. Usually, it should be calculated - * as `dst + countof(dst)`. - * - * fmt Format string - * - * ... - * ap Variadic argument list - * - * DESCRIPTION - * These functions are very similar to [v]snprintf(3). - * - * The destination buffer is limited by a pointer to its end --one - * after its last element-- instead of a size. This allows - * chaining calls to it safely, unlike [v]snprintf(3), which is - * difficult to chain without invoking Undefined Behavior. - * - * RETURN VALUE - * dst + strlen(dst) - * On success, these functions return a pointer to the - * terminating NUL byte. - * - * NULL On error. - * - * ERRORS - * E2BIG The string was truncated. - * - * These functions may fail for the same reasons as vsnprintf(3). - * - * If dst is NULL at input, this function doesn't clobber errno. - */ - - #if !defined(HAVE_STPEPRINTF) inline char * stpeprintf(char *dst, char *end, const char *restrict fmt, ...) diff --git a/lib/string/strcpy/stpecpy.h b/lib/string/strcpy/stpecpy.h index 6719bb2a13..d564d778b7 100644 --- a/lib/string/strcpy/stpecpy.h +++ b/lib/string/strcpy/stpecpy.h @@ -17,49 +17,12 @@ #if !defined(HAVE_STPECPY) +// stpecpy - string offset-pointer end-pointer copy ATTR_STRING(3) inline char *stpecpy(char *dst, char *end, const char *restrict src); #endif -/* - * SYNOPSIS - * [[gnu::null_terminated_string_arg(3)]] - * char *_Nullable stpecpy(char *_Nullable dst, char end[0], - * const char *restrict src); - * - * ARGUMENTS - * dst Destination buffer where to copy a string. - * - * end Pointer to one after the last element of the buffer - * pointed to by `dst`. Usually, it should be calculated - * as `dst + countof(dst)`. - * - * src Source string to be copied into dst. - * - * DESCRIPTION - * This function copies the string pointed to by src, into a string - * at the buffer pointed to by dst. If the destination buffer, - * limited by a pointer to its end --one after its last element--, - * isn't large enough to hold the copy, the resulting string is - * truncated. - * - * This function can be chained with calls to [v]stpeprintf(). - * - * RETURN VALUE - * dst + strlen(dst) - * On success, this function returns a pointer to the - * terminating NUL byte. - * - * NULL On error. - * - * ERRORS - * E2BIG The string was truncated. - * - * If dst is NULL at input, this function doesn't clobber errno. - */ - - #if !defined(HAVE_STPECPY) inline char * stpecpy(char *dst, char *end, const char *restrict src) From 431fec26d7e5f08cd3040e27ece18a0baceb0a60 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Sat, 8 Feb 2025 16:30:58 +0100 Subject: [PATCH 07/12] lib/, src/, tests/: Rename snprintf_() => stprintf() For consistency with strTcpy(), call it sTprintf(). Signed-off-by: Alejandro Colomar --- lib/Makefile.am | 4 ++-- lib/audit_help.c | 2 +- lib/commonio.c | 2 +- lib/env.c | 3 +-- lib/get_pid.c | 2 +- lib/hushed.c | 2 +- lib/nss.c | 2 +- lib/pwauth.c | 2 +- lib/shell.c | 2 +- lib/string/README | 2 +- lib/string/sprintf/stpeprintf.h | 4 ++-- lib/string/sprintf/{snprintf.c => stprintf.c} | 6 +++--- lib/string/sprintf/{snprintf.h => stprintf.h} | 20 +++++++++---------- lib/subordinateio.c | 6 +++--- lib/user_busy.c | 2 +- src/chage.c | 2 +- src/gpasswd.c | 2 +- src/login.c | 2 +- src/newgrp.c | 2 +- src/newusers.c | 2 +- src/passwd.c | 2 +- src/useradd.c | 2 +- src/vipw.c | 2 +- tests/unit/Makefile.am | 14 ++++++------- .../unit/{test_snprintf.c => test_stprintf.c} | 2 +- 25 files changed, 46 insertions(+), 47 deletions(-) rename lib/string/sprintf/{snprintf.c => stprintf.c} (62%) rename lib/string/sprintf/{snprintf.h => stprintf.h} (66%) rename tests/unit/{test_snprintf.c => test_stprintf.c} (97%) diff --git a/lib/Makefile.am b/lib/Makefile.am index 6a9a164433..1b884ed832 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -197,10 +197,10 @@ libshadow_la_SOURCES = \ string/memset/memzero.h \ string/sprintf/aprintf.c \ string/sprintf/aprintf.h \ - string/sprintf/snprintf.c \ - string/sprintf/snprintf.h \ string/sprintf/stpeprintf.c \ string/sprintf/stpeprintf.h \ + string/sprintf/stprintf.c \ + string/sprintf/stprintf.h \ string/strchr/strchrcnt.c \ string/strchr/strchrcnt.h \ string/strchr/strchrscnt.c \ diff --git a/lib/audit_help.c b/lib/audit_help.c index b0ac5631e5..987465c389 100644 --- a/lib/audit_help.c +++ b/lib/audit_help.c @@ -25,7 +25,7 @@ #include "attr.h" #include "prototypes.h" #include "shadowlog.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" int audit_fd; diff --git a/lib/commonio.c b/lib/commonio.c index 28dc7324cf..cc01469ed0 100644 --- a/lib/commonio.c +++ b/lib/commonio.c @@ -37,7 +37,7 @@ #include "sssd.h" #include "string/memset/memzero.h" #include "string/sprintf/aprintf.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" #include "string/strcmp/strprefix.h" #include "string/strerrno.h" diff --git a/lib/env.c b/lib/env.c index f97bb10272..86fe79c597 100644 --- a/lib/env.c +++ b/lib/env.c @@ -22,8 +22,7 @@ #include "defines.h" #include "shadowlog.h" #include "string/sprintf/aprintf.h" -#include "string/sprintf/snprintf.h" -#include "string/sprintf/aprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/strprefix.h" #include "string/strdup/strdup.h" diff --git a/lib/get_pid.c b/lib/get_pid.c index 6ccc79d79b..719ddb4054 100644 --- a/lib/get_pid.c +++ b/lib/get_pid.c @@ -14,7 +14,7 @@ #include "atoi/getnum.h" #include "defines.h" #include "prototypes.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strerrno.h" diff --git a/lib/hushed.c b/lib/hushed.c index c2df9a4b90..6b0593c31f 100644 --- a/lib/hushed.c +++ b/lib/hushed.c @@ -21,7 +21,7 @@ #include "defines.h" #include "getdef.h" #include "prototypes.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" #include "string/strtok/stpsep.h" diff --git a/lib/nss.c b/lib/nss.c index 5957390741..c487800e26 100644 --- a/lib/nss.c +++ b/lib/nss.c @@ -13,7 +13,7 @@ #include "prototypes.h" #include "../libsubid/subid.h" #include "shadowlog.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/strcaseprefix.h" #include "string/strcmp/streq.h" #include "string/strcmp/strprefix.h" diff --git a/lib/pwauth.c b/lib/pwauth.c index 0f0d2ff77c..d8f61e3ea0 100644 --- a/lib/pwauth.c +++ b/lib/pwauth.c @@ -25,7 +25,7 @@ #include "pwauth.h" #include "getdef.h" #include "string/memset/memzero.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" #ifdef SKEY diff --git a/lib/shell.c b/lib/shell.c index 1e49df7b03..b4738561f1 100644 --- a/lib/shell.c +++ b/lib/shell.c @@ -15,7 +15,7 @@ #include #include "prototypes.h" #include "defines.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" extern char **newenvp; diff --git a/lib/string/README b/lib/string/README index 03f3db6c33..0f0c0b481c 100644 --- a/lib/string/README +++ b/lib/string/README @@ -213,7 +213,7 @@ sprintf/ - Formatted string creation sprintf(3) variant that allocates. It has better interface than asprintf(3). - stprintf() // Current name: snprintf_() + stprintf() snprintf(3) wrapper that reports truncation with -1. If you need more than one call to form a string, use seprintf() instead. diff --git a/lib/string/sprintf/stpeprintf.h b/lib/string/sprintf/stpeprintf.h index dc422bade8..4345722b55 100644 --- a/lib/string/sprintf/stpeprintf.h +++ b/lib/string/sprintf/stpeprintf.h @@ -12,7 +12,7 @@ #include #include "attr.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #if !defined(HAVE_STPEPRINTF) @@ -53,7 +53,7 @@ vstpeprintf(char *dst, char *end, const char *restrict fmt, va_list ap) return NULL; size = end - dst; - len = vsnprintf_(dst, size, fmt, ap); + len = vstprintf(dst, size, fmt, ap); if (len == -1) return NULL; diff --git a/lib/string/sprintf/snprintf.c b/lib/string/sprintf/stprintf.c similarity index 62% rename from lib/string/sprintf/snprintf.c rename to lib/string/sprintf/stprintf.c index f4ede2596a..1fe70550f7 100644 --- a/lib/string/sprintf/snprintf.c +++ b/lib/string/sprintf/stprintf.c @@ -4,13 +4,13 @@ #include "config.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include #include -extern inline int snprintf_(char *restrict s, ssize_t size, +extern inline int stprintf(char *restrict s, ssize_t size, const char *restrict fmt, ...); -extern inline int vsnprintf_(char *restrict s, ssize_t size, +extern inline int vstprintf(char *restrict s, ssize_t size, const char *restrict fmt, va_list ap); diff --git a/lib/string/sprintf/snprintf.h b/lib/string/sprintf/stprintf.h similarity index 66% rename from lib/string/sprintf/snprintf.h rename to lib/string/sprintf/stprintf.h index bc55b9ba91..1488862d8e 100644 --- a/lib/string/sprintf/snprintf.h +++ b/lib/string/sprintf/stprintf.h @@ -2,8 +2,8 @@ // SPDX-License-Identifier: BSD-3-Clause -#ifndef SHADOW_INCLUDE_LIB_STRING_SPRINTF_SNPRINTF_H_ -#define SHADOW_INCLUDE_LIB_STRING_SPRINTF_SNPRINTF_H_ +#ifndef SHADOW_INCLUDE_LIB_STRING_SPRINTF_STPRINTF_H_ +#define SHADOW_INCLUDE_LIB_STRING_SPRINTF_STPRINTF_H_ #include "config.h" @@ -19,30 +19,30 @@ // stprintf_a - string truncate print formatted array -#define stprintf_a(s, fmt, ...) \ -( \ - snprintf_(s, countof(s), fmt __VA_OPT__(,) __VA_ARGS__) \ +#define stprintf_a(s, fmt, ...) \ +( \ + stprintf(s, countof(s), fmt __VA_OPT__(,) __VA_ARGS__) \ ) // stprintf - string truncate print formatted format_attr(printf, 3, 4) -inline int snprintf_(char *restrict s, ssize_t size, +inline int stprintf(char *restrict s, ssize_t size, const char *restrict fmt, ...); // vstprintf - va_list string truncate print formatted format_attr(printf, 3, 0) -inline int vsnprintf_(char *restrict s, ssize_t size, +inline int vstprintf(char *restrict s, ssize_t size, const char *restrict fmt, va_list ap); inline int -snprintf_(char *restrict s, ssize_t size, const char *restrict fmt, ...) +stprintf(char *restrict s, ssize_t size, const char *restrict fmt, ...) { int len; va_list ap; va_start(ap, fmt); - len = vsnprintf_(s, size, fmt, ap); + len = vstprintf(s, size, fmt, ap); va_end(ap); return len; @@ -50,7 +50,7 @@ snprintf_(char *restrict s, ssize_t size, const char *restrict fmt, ...) inline int -vsnprintf_(char *restrict s, ssize_t size, const char *restrict fmt, va_list ap) +vstprintf(char *restrict s, ssize_t size, const char *restrict fmt, va_list ap) { int len; diff --git a/lib/subordinateio.c b/lib/subordinateio.c index 1fe63c58ea..5cc19d0a05 100644 --- a/lib/subordinateio.c +++ b/lib/subordinateio.c @@ -23,7 +23,7 @@ #include "alloc/reallocf.h" #include "atoi/a2i.h" #include "string/ctype/strisascii/strisdigit.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" #include "string/strtok/strsep2arr.h" @@ -830,7 +830,7 @@ static bool get_owner_id(const char *owner, enum subid_type id_type, char *id) if (pw == NULL) { return false; } - if (snprintf_(id, ID_SIZE, "%u", pw->pw_uid) == -1) + if (stprintf(id, ID_SIZE, "%u", pw->pw_uid) == -1) return false; break; case ID_TYPE_GID: @@ -838,7 +838,7 @@ static bool get_owner_id(const char *owner, enum subid_type id_type, char *id) if (gr == NULL) { return false; } - if (snprintf_(id, ID_SIZE, "%u", gr->gr_gid) == -1) + if (stprintf(id, ID_SIZE, "%u", gr->gr_gid) == -1) return false; break; default: diff --git a/lib/user_busy.c b/lib/user_busy.c index d08229cbe4..ca4e92a640 100644 --- a/lib/user_busy.c +++ b/lib/user_busy.c @@ -28,7 +28,7 @@ #include "subordinateio.h" #endif /* ENABLE_SUBIDS */ #include "shadowlog.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" #include "string/strcmp/strneq.h" #include "string/strcmp/strprefix.h" diff --git a/src/chage.c b/src/chage.c index fffd22b994..906dc3aacf 100644 --- a/src/chage.c +++ b/src/chage.c @@ -29,7 +29,7 @@ #include "shadowio.h" #include "shadowlog.h" #include "string/memset/memzero.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" #include "string/strcpy/strtcpy.h" #include "string/strerrno.h" diff --git a/src/gpasswd.c b/src/gpasswd.c index 14c8f4f609..0e4b13e2e3 100644 --- a/src/gpasswd.c +++ b/src/gpasswd.c @@ -36,7 +36,7 @@ #include "shadowlog.h" #include "sssd.h" #include "string/memset/memzero.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" #include "string/strcpy/strtcpy.h" #include "string/strdup/strdup.h" diff --git a/src/login.c b/src/login.c index f5543796f3..2d951c34c3 100644 --- a/src/login.c +++ b/src/login.c @@ -40,7 +40,7 @@ #include "shadow/gshadow/endsgent.h" #include "shadowlog.h" #include "string/memset/memzero.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" #include "string/strcmp/strneq.h" #include "string/strcmp/strprefix.h" diff --git a/src/newgrp.c b/src/newgrp.c index 5c4cc07b15..550dfd17ef 100644 --- a/src/newgrp.c +++ b/src/newgrp.c @@ -32,7 +32,7 @@ #include "shadow/gshadow/getsgnam.h" #include "shadow/gshadow/sgrp.h" #include "shadowlog.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" #include "string/strcmp/strprefix.h" #include "string/strdup/strdup.h" diff --git a/src/newusers.c b/src/newusers.c index 853218fd3e..1fb4514c4c 100644 --- a/src/newusers.c +++ b/src/newusers.c @@ -51,7 +51,7 @@ #include "shadow/gshadow/sgrp.h" #include "shadowlog.h" #include "sssd.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" #include "string/strdup/strdup.h" #include "string/strerrno.h" diff --git a/src/passwd.c b/src/passwd.c index 103393382b..ca4e142229 100644 --- a/src/passwd.c +++ b/src/passwd.c @@ -34,7 +34,7 @@ #include "sssd.h" #include "string/memset/memzero.h" #include "string/sprintf/aprintf.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" #include "string/strcmp/strprefix.h" #include "string/strcpy/strtcpy.h" diff --git a/src/useradd.c b/src/useradd.c index 330b52f8d5..7397933ac3 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -65,7 +65,7 @@ #include "sssd.h" #include "string/memset/memzero.h" #include "string/sprintf/aprintf.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/strcaseeq.h" #include "string/strcmp/streq.h" #include "string/strcmp/strprefix.h" diff --git a/src/vipw.c b/src/vipw.c index cf574c9dba..180cc3d4ae 100644 --- a/src/vipw.c +++ b/src/vipw.c @@ -45,7 +45,7 @@ #include "sssd.h" #include "fs/mkstemp/fmkomstemp.h" #include "string/sprintf/aprintf.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" #include "string/strerrno.h" diff --git a/tests/unit/Makefile.am b/tests/unit/Makefile.am index 9c548240f2..1103e73d64 100644 --- a/tests/unit/Makefile.am +++ b/tests/unit/Makefile.am @@ -8,7 +8,7 @@ check_PROGRAMS = \ test_atoi_strtoi \ test_chkhash \ test_chkname \ - test_snprintf \ + test_stprintf \ test_strncpy \ test_strtcpy \ test_typetraits \ @@ -93,16 +93,16 @@ test_logind_LDADD = \ $(LIBSYSTEMD) \ $(NULL) -test_snprintf_SOURCES = \ - ../../lib/string/sprintf/snprintf.c \ - test_snprintf.c \ +test_stprintf_SOURCES = \ + ../../lib/string/sprintf/stprintf.c \ + test_stprintf.c \ $(NULL) -test_snprintf_CFLAGS = \ +test_stprintf_CFLAGS = \ $(AM_CFLAGS) \ $(NULL) -test_snprintf_LDFLAGS = \ +test_stprintf_LDFLAGS = \ $(NULL) -test_snprintf_LDADD = \ +test_stprintf_LDADD = \ $(CMOCKA_LIBS) \ $(NULL) diff --git a/tests/unit/test_snprintf.c b/tests/unit/test_stprintf.c similarity index 97% rename from tests/unit/test_snprintf.c rename to tests/unit/test_stprintf.c index df77891432..8d61267771 100644 --- a/tests/unit/test_snprintf.c +++ b/tests/unit/test_stprintf.c @@ -14,7 +14,7 @@ #include #include "sizeof.h" -#include "string/sprintf/snprintf.h" +#include "string/sprintf/stprintf.h" static void test_stprintf_a_trunc(void **); From c3e762bd42d112d67f3365d9cab387817a1192b0 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Mon, 10 Feb 2025 15:06:34 +0100 Subject: [PATCH 08/12] lib/, po/, src/: Rename stpeprintf() => seprintf() The old name was too complex, and is inconsistent with all other sprintf(3)-based APIs having just one letter for differentiation. This allows breaking less lines. The original name was chosen for differentiation with the buggy Plan9 API seprint(2). However, 9front (the current fork where Plan9 is mainly developed) has acknowledged the bug. There's still no decision on fixing the bug or not, due to the age of their code base, and the projects depending on their library. It is under consideration inventing something like a seprint2(2) in 9front for replacement of seprint(2), but there's no decision yet either. Considering that 9front acknowledges their bug, and that they *may* release a fixed API with a similar name, we may as well claim that our seprintf() is also a fixed version of Plan9's seprint(2). It has a different name, after all (we terminate in 'f'). This commit was partially scripted with $ find * -type f \ | xargs grep -l stpeprintf \ | xargs sed -i 's/stpeprintf/seprintf/g'; Signed-off-by: Alejandro Colomar --- configure.ac | 2 +- lib/Makefile.am | 4 +- lib/idmapping.c | 6 +-- lib/string/README | 2 +- lib/string/sprintf/seprintf.c | 17 +++++++++ lib/string/sprintf/seprintf.h | 65 +++++++++++++++++++++++++++++++++ lib/string/sprintf/stpeprintf.c | 17 --------- lib/string/sprintf/stpeprintf.h | 65 --------------------------------- po/bs.po | 2 +- po/ca.po | 4 +- po/cs.po | 2 +- po/da.po | 2 +- po/de.po | 2 +- po/dz.po | 2 +- po/el.po | 2 +- po/es.po | 2 +- po/eu.po | 2 +- po/fi.po | 2 +- po/fr.po | 4 +- po/gl.po | 2 +- po/he.po | 2 +- po/hu.po | 2 +- po/id.po | 2 +- po/it.po | 2 +- po/ja.po | 2 +- po/ka.po | 4 +- po/kk.po | 2 +- po/km.po | 2 +- po/ko.po | 2 +- po/nb.po | 2 +- po/ne.po | 2 +- po/nl.po | 4 +- po/nn.po | 2 +- po/pl.po | 2 +- po/pt.po | 2 +- po/pt_BR.po | 2 +- po/ro.po | 4 +- po/ru.po | 2 +- po/shadow.pot | 2 +- po/sk.po | 2 +- po/sq.po | 2 +- po/sv.po | 2 +- po/tl.po | 2 +- po/tr.po | 2 +- po/uk.po | 2 +- po/vi.po | 2 +- po/zh_CN.po | 2 +- po/zh_TW.po | 2 +- src/chfn.c | 12 +++--- src/groupmod.c | 21 +++++------ 50 files changed, 149 insertions(+), 152 deletions(-) create mode 100644 lib/string/sprintf/seprintf.c create mode 100644 lib/string/sprintf/seprintf.h delete mode 100644 lib/string/sprintf/stpeprintf.c delete mode 100644 lib/string/sprintf/stpeprintf.h diff --git a/configure.ac b/configure.ac index c01264c004..6c9abf17c1 100644 --- a/configure.ac +++ b/configure.ac @@ -47,7 +47,7 @@ AC_CHECK_FUNCS([arc4random_buf \ updwtmpx innetgr \ getspnam_r \ rpmatch \ - memset_explicit explicit_bzero stpecpy stpeprintf]) + memset_explicit explicit_bzero stpecpy seprintf]) AC_SYS_LARGEFILE dnl Checks for typedefs, structures, and compiler characteristics. diff --git a/lib/Makefile.am b/lib/Makefile.am index 1b884ed832..71ff96995d 100644 --- a/lib/Makefile.am +++ b/lib/Makefile.am @@ -197,8 +197,8 @@ libshadow_la_SOURCES = \ string/memset/memzero.h \ string/sprintf/aprintf.c \ string/sprintf/aprintf.h \ - string/sprintf/stpeprintf.c \ - string/sprintf/stpeprintf.h \ + string/sprintf/seprintf.c \ + string/sprintf/seprintf.h \ string/sprintf/stprintf.c \ string/sprintf/stprintf.h \ string/strchr/strchrcnt.c \ diff --git a/lib/idmapping.c b/lib/idmapping.c index 88a0c00e47..77631ec18a 100644 --- a/lib/idmapping.c +++ b/lib/idmapping.c @@ -27,7 +27,7 @@ #include "prototypes.h" #include "shadowlog.h" #include "sizeof.h" -#include "string/sprintf/stpeprintf.h" +#include "string/sprintf/seprintf.h" #include "string/strcmp/streq.h" #include "string/strerrno.h" @@ -184,13 +184,13 @@ void write_mapping(int proc_dir_fd, int ranges, const struct map_range *mappings mapping = mappings; for (idx = 0; idx < ranges; idx++, mapping++) { /* Append this range to the string that will be written */ - pos = stpeprintf(pos, end, "%lu %lu %lu\n", + pos = seprintf(pos, end, "%lu %lu %lu\n", mapping->upper, mapping->lower, mapping->count); } if (pos == end || pos == NULL) { - fprintf(log_get_logfd(), _("%s: stpeprintf failed!\n"), log_get_progname()); + fprintf(log_get_logfd(), _("%s: seprintf failed!\n"), log_get_progname()); exit(EXIT_FAILURE); } diff --git a/lib/string/README b/lib/string/README index 0f0c0b481c..9e3ea4f34b 100644 --- a/lib/string/README +++ b/lib/string/README @@ -220,7 +220,7 @@ sprintf/ - Formatted string creation stprintf_a() Like stprintf(), but takes an array. - seprintf() // Current name: stpeprintf()) + seprintf() Similar to stprintf(), but takes a pointer to the end instead of a size. This makes it safer for chaining several calls. diff --git a/lib/string/sprintf/seprintf.c b/lib/string/sprintf/seprintf.c new file mode 100644 index 0000000000..3be154fe78 --- /dev/null +++ b/lib/string/sprintf/seprintf.c @@ -0,0 +1,17 @@ +// SPDX-FileCopyrightText: 2022-2025, Alejandro Colomar +// SPDX-License-Identifier: BSD-3-Clause + + +#include "config.h" + +#include "string/sprintf/seprintf.h" + +#include + + +#if !defined(HAVE_SEPRINTF) +extern inline char *seprintf(char *dst, char *end, const char *restrict fmt, + ...); +extern inline char *vseprintf(char *dst, char *end, const char *restrict fmt, + va_list ap); +#endif diff --git a/lib/string/sprintf/seprintf.h b/lib/string/sprintf/seprintf.h new file mode 100644 index 0000000000..e1a2637802 --- /dev/null +++ b/lib/string/sprintf/seprintf.h @@ -0,0 +1,65 @@ +// SPDX-FileCopyrightText: 2022-2024, Alejandro Colomar +// SPDX-License-Identifier: BSD-3-Clause + + +#ifndef SHADOW_INCLUDE_LIB_STRING_SPRINTF_SEPRINTF_H_ +#define SHADOW_INCLUDE_LIB_STRING_SPRINTF_SEPRINTF_H_ + + +#include "config.h" + +#include +#include + +#include "attr.h" +#include "string/sprintf/stprintf.h" + + +#if !defined(HAVE_SEPRINTF) +// seprintf - string end-pointer print formatted +format_attr(printf, 3, 4) +inline char *seprintf(char *dst, char *end, const char *restrict fmt, ...); +// vseprintf - va_list string end-pointer print formatted +format_attr(printf, 3, 0) +inline char *vseprintf(char *dst, char *end, const char *restrict fmt, + va_list ap); +#endif + + +#if !defined(HAVE_SEPRINTF) +inline char * +seprintf(char *dst, char *end, const char *restrict fmt, ...) +{ + char *p; + va_list ap; + + va_start(ap, fmt); + p = vseprintf(dst, end, fmt, ap); + va_end(ap); + + return p; +} +#endif + + +#if !defined(HAVE_SEPRINTF) +inline char * +vseprintf(char *dst, char *end, const char *restrict fmt, va_list ap) +{ + int len; + ptrdiff_t size; + + if (dst == NULL) + return NULL; + + size = end - dst; + len = vstprintf(dst, size, fmt, ap); + if (len == -1) + return NULL; + + return dst + len; +} +#endif + + +#endif // include guard diff --git a/lib/string/sprintf/stpeprintf.c b/lib/string/sprintf/stpeprintf.c deleted file mode 100644 index d195931b89..0000000000 --- a/lib/string/sprintf/stpeprintf.c +++ /dev/null @@ -1,17 +0,0 @@ -// SPDX-FileCopyrightText: 2022-2024, Alejandro Colomar -// SPDX-License-Identifier: BSD-3-Clause - - -#include "config.h" - -#include "string/sprintf/stpeprintf.h" - -#include - - -#if !defined(HAVE_STPEPRINTF) -extern inline char *stpeprintf(char *dst, char *end, const char *restrict fmt, - ...); -extern inline char *vstpeprintf(char *dst, char *end, const char *restrict fmt, - va_list ap); -#endif diff --git a/lib/string/sprintf/stpeprintf.h b/lib/string/sprintf/stpeprintf.h deleted file mode 100644 index 4345722b55..0000000000 --- a/lib/string/sprintf/stpeprintf.h +++ /dev/null @@ -1,65 +0,0 @@ -// SPDX-FileCopyrightText: 2022-2024, Alejandro Colomar -// SPDX-License-Identifier: BSD-3-Clause - - -#ifndef SHADOW_INCLUDE_LIB_STRING_SPRINTF_STPEPRINTF_H_ -#define SHADOW_INCLUDE_LIB_STRING_SPRINTF_STPEPRINTF_H_ - - -#include "config.h" - -#include -#include - -#include "attr.h" -#include "string/sprintf/stprintf.h" - - -#if !defined(HAVE_STPEPRINTF) -// stpeprintf - string offset-pointer end-pointer print formatted -format_attr(printf, 3, 4) -inline char *stpeprintf(char *dst, char *end, const char *restrict fmt, ...); -// vstpeprintf - va_list string offset-pointer end-pointer print formatted -format_attr(printf, 3, 0) -inline char *vstpeprintf(char *dst, char *end, const char *restrict fmt, - va_list ap); -#endif - - -#if !defined(HAVE_STPEPRINTF) -inline char * -stpeprintf(char *dst, char *end, const char *restrict fmt, ...) -{ - char *p; - va_list ap; - - va_start(ap, fmt); - p = vstpeprintf(dst, end, fmt, ap); - va_end(ap); - - return p; -} -#endif - - -#if !defined(HAVE_STPEPRINTF) -inline char * -vstpeprintf(char *dst, char *end, const char *restrict fmt, va_list ap) -{ - int len; - ptrdiff_t size; - - if (dst == NULL) - return NULL; - - size = end - dst; - len = vstprintf(dst, size, fmt, ap); - if (len == -1) - return NULL; - - return dst + len; -} -#endif - - -#endif // include guard diff --git a/po/bs.po b/po/bs.po index 3f41814628..49d1fc2c75 100644 --- a/po/bs.po +++ b/po/bs.po @@ -205,7 +205,7 @@ msgid "%s: Could not set caps\n" msgstr "%s: nepoznat član %s\n" #, fuzzy, c-format -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "nepoznata grupa: %s\n" #, fuzzy, c-format diff --git a/po/ca.po b/po/ca.po index 26457b447f..a6efb19606 100644 --- a/po/ca.po +++ b/po/ca.po @@ -229,8 +229,8 @@ msgid "%s: Could not set caps\n" msgstr "%s: No s'han pogut establir les «capabilities»\n" #, c-format -msgid "%s: stpeprintf failed!\n" -msgstr "%s: ha fallat stpeprintf!\n" +msgid "%s: seprintf failed!\n" +msgstr "%s: ha fallat seprintf!\n" #, c-format msgid "%s: open of %s failed: %s\n" diff --git a/po/cs.po b/po/cs.po index 615ce68e70..29ac71e99b 100644 --- a/po/cs.po +++ b/po/cs.po @@ -228,7 +228,7 @@ msgstr "Nelze nastavit jméno uživatele %s\n" #, fuzzy, c-format #| msgid "%s: snprintf failed!\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: snprintf selhalo!\n" #, c-format diff --git a/po/da.po b/po/da.po index 20666eddb2..73ccfa8b02 100644 --- a/po/da.po +++ b/po/da.po @@ -244,7 +244,7 @@ msgstr "Kunne ikke angive navn for %s\n" #, fuzzy, c-format #| msgid "%s: line %d: chown %s failed: %s\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: Linje %d: chown %s fejlede: %s\n" #, fuzzy, c-format diff --git a/po/de.po b/po/de.po index 0594ca2118..e245a04a3c 100644 --- a/po/de.po +++ b/po/de.po @@ -238,7 +238,7 @@ msgstr "Name für %s konnte nicht gesetzt werden\n" #, fuzzy, c-format #| msgid "%s: line %d: chown %s failed: %s\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: Zeile %d: chown %s (Eigentümer ändern) fehlgeschlagen: %s\n" #, fuzzy, c-format diff --git a/po/dz.po b/po/dz.po index 59771609f9..1cb6713e62 100644 --- a/po/dz.po +++ b/po/dz.po @@ -215,7 +215,7 @@ msgstr "རིམ་སྒྲིག་བརྡ་དོན་གྱི་དོ #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: ཡིག་སྣོད་ཁ་ཕྱེ་མི་ཚུགས།\n" #, fuzzy, c-format diff --git a/po/el.po b/po/el.po index 18fdc8a90a..59c010eaaf 100644 --- a/po/el.po +++ b/po/el.po @@ -238,7 +238,7 @@ msgstr "Αδυναμία ρύθμισης του ονόματος χρήστη % #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: αδυναμία ανοίγματος του αρχείου\n" #, fuzzy, c-format diff --git a/po/es.po b/po/es.po index 54863bfad3..e85b375dbc 100644 --- a/po/es.po +++ b/po/es.po @@ -264,7 +264,7 @@ msgstr "No se pudo reservar espacio para la información de configuración.\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: no se puede abrir el fichero\n" #, fuzzy, c-format diff --git a/po/eu.po b/po/eu.po index f78b0ea44e..d6e2d45756 100644 --- a/po/eu.po +++ b/po/eu.po @@ -221,7 +221,7 @@ msgstr "Ezin izan da lekua esleitu, konfigurazioaren informaziorako.\n" #, fuzzy, c-format #| msgid "%s: line %d: chown %s failed: %s\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: %d lerroa: chown %s-ek huts egin du: %s\n" #, fuzzy, c-format diff --git a/po/fi.po b/po/fi.po index 94d4d1d7b9..0774becb02 100644 --- a/po/fi.po +++ b/po/fi.po @@ -209,7 +209,7 @@ msgstr "Asetustiedoille ei voi varata tilaa.\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: tiedosta ei voi avata\n" #, fuzzy, c-format diff --git a/po/fr.po b/po/fr.po index 57c3531daf..6132505fee 100644 --- a/po/fr.po +++ b/po/fr.po @@ -254,8 +254,8 @@ msgid "%s: Could not set caps\n" msgstr "%s : Impossible de définir les plafonds\n" #, c-format -msgid "%s: stpeprintf failed!\n" -msgstr "%s : échec de stpeprintf !\n" +msgid "%s: seprintf failed!\n" +msgstr "%s : échec de seprintf !\n" #, c-format msgid "%s: open of %s failed: %s\n" diff --git a/po/gl.po b/po/gl.po index bbc7dfcc9f..f702fbdc93 100644 --- a/po/gl.po +++ b/po/gl.po @@ -211,7 +211,7 @@ msgstr "Non se puido reservar espacio para a información de configuración.\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: non se pode abrir o ficheiro\n" #, fuzzy, c-format diff --git a/po/he.po b/po/he.po index 1648c78d58..c667720fdb 100644 --- a/po/he.po +++ b/po/he.po @@ -205,7 +205,7 @@ msgid "%s: Could not set caps\n" msgstr "לא יכול להקצות מקום בשביל מידע על הקונפיגורציה.\n" #, fuzzy, c-format -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: שורה %d: לא יכול לעדכן רשומת סיסמה\n" #, fuzzy, c-format diff --git a/po/hu.po b/po/hu.po index e7bf22a7c8..1d0691cb00 100644 --- a/po/hu.po +++ b/po/hu.po @@ -206,7 +206,7 @@ msgstr "Sikertelen helyfoglalás a beállítási infónak.\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: nem tudom megnyitni a fájlt\n" #, fuzzy, c-format diff --git a/po/id.po b/po/id.po index 4c070a0752..3a71f03369 100644 --- a/po/id.po +++ b/po/id.po @@ -205,7 +205,7 @@ msgstr "Tidak dapat mengalokasikan ruang untuk informasi konfigurasi.\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: tidak dapat membuka berkas\n" #, fuzzy, c-format diff --git a/po/it.po b/po/it.po index 4d3ec5cb9b..37f6a0b27e 100644 --- a/po/it.po +++ b/po/it.po @@ -232,7 +232,7 @@ msgstr "Impossibile allocare spazio per le informazioni di configurazione.\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: impossibile aprire il file\n" #, fuzzy, c-format diff --git a/po/ja.po b/po/ja.po index 426e3302c7..2f32c0e800 100644 --- a/po/ja.po +++ b/po/ja.po @@ -231,7 +231,7 @@ msgstr "%s の名前を設定できません\n" #, fuzzy, c-format #| msgid "%s: line %d: chown %s failed: %s\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: %d 行: chown %s が失敗しました: %s\n" #, fuzzy, c-format diff --git a/po/ka.po b/po/ka.po index c633393927..e09a9adb6e 100644 --- a/po/ka.po +++ b/po/ka.po @@ -227,8 +227,8 @@ msgid "%s: Could not set caps\n" msgstr "%s: caps-ების დაყენების შედომა\n" #, c-format -msgid "%s: stpeprintf failed!\n" -msgstr "%s: stpeprintf ჩავარდა!\n" +msgid "%s: seprintf failed!\n" +msgstr "%s: seprintf ჩავარდა!\n" #, c-format msgid "%s: open of %s failed: %s\n" diff --git a/po/kk.po b/po/kk.po index 60cb95cd39..988b96bded 100644 --- a/po/kk.po +++ b/po/kk.po @@ -229,7 +229,7 @@ msgstr "%s үшін атын орнату мүмкін емес\n" #, fuzzy, c-format #| msgid "%s: line %d: chown %s failed: %s\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: жол %d: chown %s сәтсіз: %s\n" #, fuzzy, c-format diff --git a/po/km.po b/po/km.po index 513f284989..3e49c01773 100644 --- a/po/km.po +++ b/po/km.po @@ -219,7 +219,7 @@ msgstr "មិន​អាច​បម្រុង​ទុក​ទំហំ​ #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s ៖ មិន​អាច​បើក​​ឯកសារ​បានទេ\n" #, fuzzy, c-format diff --git a/po/ko.po b/po/ko.po index 980c30f387..89ea54d3ed 100644 --- a/po/ko.po +++ b/po/ko.po @@ -212,7 +212,7 @@ msgid "%s: Could not set caps\n" msgstr "설정 정보를 위한 공간을 확보할 수 없습니다.\n" #, fuzzy, c-format -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: %d번 줄: chown 실패했습니다\n" #, fuzzy, c-format diff --git a/po/nb.po b/po/nb.po index 1eb1e3be35..33e61d3ba1 100644 --- a/po/nb.po +++ b/po/nb.po @@ -251,7 +251,7 @@ msgstr "Klarte ikke å endre navn på %s\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: klarte ikke å åpne fil\n" #, fuzzy, c-format diff --git a/po/ne.po b/po/ne.po index 08f423fab6..abcea08922 100644 --- a/po/ne.po +++ b/po/ne.po @@ -212,7 +212,7 @@ msgstr "कनफिगरेसन सूचनाको लागि खाल #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: फाइल खोल्न सकिएन\n" #, fuzzy, c-format diff --git a/po/nl.po b/po/nl.po index aa824d3377..79ec110c76 100644 --- a/po/nl.po +++ b/po/nl.po @@ -232,8 +232,8 @@ msgid "%s: Could not set caps\n" msgstr "%s: Kon hoofdletters niet instellen\n" #, c-format -msgid "%s: stpeprintf failed!\n" -msgstr "%s: stpeprintf is mislukt!\n" +msgid "%s: seprintf failed!\n" +msgstr "%s: seprintf is mislukt!\n" #, c-format msgid "%s: open of %s failed: %s\n" diff --git a/po/nn.po b/po/nn.po index 60b7b53715..e00c1bb026 100644 --- a/po/nn.po +++ b/po/nn.po @@ -205,7 +205,7 @@ msgstr "Klarte ikkje finna plass for oppsettsinformasjon.\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: klarer ikkje opna fil\n" #, fuzzy, c-format diff --git a/po/pl.po b/po/pl.po index 259d2c10b0..c1dfdea148 100644 --- a/po/pl.po +++ b/po/pl.po @@ -216,7 +216,7 @@ msgstr "Nie można przydzielić miejsca dla informacji o konfiguracji.\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: nie można otworzyć pliku\n" #, fuzzy, c-format diff --git a/po/pt.po b/po/pt.po index cdc2195568..6620c91620 100644 --- a/po/pt.po +++ b/po/pt.po @@ -243,7 +243,7 @@ msgstr "Não foi possível definir nome para %s\n" #, fuzzy, c-format #| msgid "%s: line %d: chown %s failed: %s\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: linha %d: chown %s falhou: %s\n" #, fuzzy, c-format diff --git a/po/pt_BR.po b/po/pt_BR.po index e1e2c6a83b..6094bb4ee6 100644 --- a/po/pt_BR.po +++ b/po/pt_BR.po @@ -235,7 +235,7 @@ msgstr "Não foi possível alocar espaço para a informação de configuração. #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s : não foi possível abrir arquivo\n" #, fuzzy, c-format diff --git a/po/ro.po b/po/ro.po index a3e1b53b54..062c84749c 100644 --- a/po/ro.po +++ b/po/ro.po @@ -242,8 +242,8 @@ msgid "%s: Could not set caps\n" msgstr "%s: Nu s-au putut defini capacitățile\n" #, c-format -msgid "%s: stpeprintf failed!\n" -msgstr "%s: stpeprintf a eșuat!\n" +msgid "%s: seprintf failed!\n" +msgstr "%s: seprintf a eșuat!\n" #, c-format msgid "%s: open of %s failed: %s\n" diff --git a/po/ru.po b/po/ru.po index ba4787cc8f..d70989ff00 100644 --- a/po/ru.po +++ b/po/ru.po @@ -244,7 +244,7 @@ msgstr "Невозможно задать имя для %s\n" #, fuzzy, c-format #| msgid "%s: line %d: chown %s failed: %s\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: строка %d: вызов chown %s завершился неудачно: %s\n" #, fuzzy, c-format diff --git a/po/shadow.pot b/po/shadow.pot index 666060343c..add769f2bb 100644 --- a/po/shadow.pot +++ b/po/shadow.pot @@ -205,7 +205,7 @@ msgid "%s: Could not set caps\n" msgstr "" #, c-format -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "" #, c-format diff --git a/po/sk.po b/po/sk.po index bd632aedfc..1518c234eb 100644 --- a/po/sk.po +++ b/po/sk.po @@ -218,7 +218,7 @@ msgstr "Na konfiguračné údaje sa nedá vyhradiť dostatok miesta.\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: nedá sa otvoriť súbor\n" #, fuzzy, c-format diff --git a/po/sq.po b/po/sq.po index 796c11755b..eb4983f8d4 100644 --- a/po/sq.po +++ b/po/sq.po @@ -206,7 +206,7 @@ msgid "%s: Could not set caps\n" msgstr "Kujdes: grup i panjohur %s\n" #, fuzzy, c-format -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "Kujdes: grup i panjohur %s\n" #, fuzzy, c-format diff --git a/po/sv.po b/po/sv.po index e7d79859b6..0a7d789d0b 100644 --- a/po/sv.po +++ b/po/sv.po @@ -231,7 +231,7 @@ msgstr "Kunde inte allokera plats för konfigurationsinformationen.\n" #, fuzzy, c-format #| msgid "%s: line %d: chown %s failed: %s\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: rad %d: chown %s misslyckades: %s\n" #, fuzzy, c-format diff --git a/po/tl.po b/po/tl.po index a104c11bb5..95a4aa1c49 100644 --- a/po/tl.po +++ b/po/tl.po @@ -219,7 +219,7 @@ msgstr "Hindi makapaglaan ng lugar para sa impormasyong pagsasaayos.\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: hindi mabuksan ang talaksan\n" #, fuzzy, c-format diff --git a/po/tr.po b/po/tr.po index 91c2a541a7..e03d47648e 100644 --- a/po/tr.po +++ b/po/tr.po @@ -211,7 +211,7 @@ msgstr "Yapılandırma bilgileri için yer ayrılamadı.\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: dosya açılamıyor\n" #, fuzzy, c-format diff --git a/po/uk.po b/po/uk.po index 4fbb2eb82f..1dc3cfe2f4 100644 --- a/po/uk.po +++ b/po/uk.po @@ -235,7 +235,7 @@ msgstr "%s: не вдалося встановити можливості\n" #, fuzzy, c-format #| msgid "%s: snprintf failed!\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: помилка snprintf!\n" #, c-format diff --git a/po/vi.po b/po/vi.po index ac1663886f..9191e4b0b9 100644 --- a/po/vi.po +++ b/po/vi.po @@ -237,7 +237,7 @@ msgstr "Không thể đặt tên %s\n" #, fuzzy, c-format #| msgid "%s: line %d: chown %s failed: %s\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s: dòng %d: lỗi chown (thay đổi quyền sở hữu) %s: %s\n" #, fuzzy, c-format diff --git a/po/zh_CN.po b/po/zh_CN.po index d1efe715a1..7bcf8d0dee 100644 --- a/po/zh_CN.po +++ b/po/zh_CN.po @@ -213,7 +213,7 @@ msgstr "%s:无法设置上限\n" #, fuzzy, c-format #| msgid "%s: snprintf failed!\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s:snprintf 失败\n" #, c-format diff --git a/po/zh_TW.po b/po/zh_TW.po index be5782cfa1..cdd64d8568 100644 --- a/po/zh_TW.po +++ b/po/zh_TW.po @@ -224,7 +224,7 @@ msgstr "無法設定 %s 的名稱\n" #, fuzzy, c-format #| msgid "%s: can't open file\n" -msgid "%s: stpeprintf failed!\n" +msgid "%s: seprintf failed!\n" msgstr "%s:無法打開檔案\n" #, fuzzy, c-format diff --git a/src/chfn.c b/src/chfn.c index 81e2a31bb8..dc00082587 100644 --- a/src/chfn.c +++ b/src/chfn.c @@ -35,7 +35,7 @@ #include "shadowlog.h" #include "sizeof.h" #include "sssd.h" -#include "string/sprintf/stpeprintf.h" +#include "string/sprintf/seprintf.h" #include "string/strcmp/streq.h" #include "string/strcpy/strtcpy.h" #include "string/strdup/strdup.h" @@ -653,12 +653,12 @@ int main (int argc, char **argv) /* Build the new GECOS field by plastering all the pieces together. */ p = new_gecos; e = new_gecos + countof(new_gecos); - p = stpeprintf(p, e, "%s", fullnm); - p = stpeprintf(p, e, ",%s", roomno); - p = stpeprintf(p, e, ",%s", workph); - p = stpeprintf(p, e, ",%s", homeph); + p = seprintf(p, e, "%s", fullnm); + p = seprintf(p, e, ",%s", roomno); + p = seprintf(p, e, ",%s", workph); + p = seprintf(p, e, ",%s", homeph); if (!streq(slop, "")) - p = stpeprintf(p, e, ",%s", slop); + p = seprintf(p, e, ",%s", slop); if (p == e || p == NULL) { fprintf (stderr, _("%s: fields too long\n"), Prog); diff --git a/src/groupmod.c b/src/groupmod.c index ce265c8e43..d0e4ea6d2e 100644 --- a/src/groupmod.c +++ b/src/groupmod.c @@ -35,7 +35,7 @@ #include "shadow/gshadow/sgrp.h" #include "shadowlog.h" #include "sssd.h" -#include "string/sprintf/stpeprintf.h" +#include "string/sprintf/seprintf.h" #include "string/strcmp/streq.h" #include "string/strcpy/stpecpy.h" #include "string/strdup/strdup.h" @@ -601,11 +601,11 @@ static void prepare_failure_reports (void) info_passwd.audit_msg = pw; pw_end = pw + 512; - gr = stpeprintf(gr, gr_end, "changing %s; ", gr_dbname ()); + gr = seprintf(gr, gr_end, "changing %s; ", gr_dbname()); #ifdef SHADOWGRP - sgr = stpeprintf(sgr, sgr_end, "changing %s; ", sgr_dbname ()); + sgr = seprintf(sgr, sgr_end, "changing %s; ", sgr_dbname()); #endif - pw = stpeprintf(pw, pw_end, "changing %s; ", pw_dbname ()); + pw = seprintf(pw, pw_end, "changing %s; ", pw_dbname()); info_group.action = gr; #ifdef SHADOWGRP @@ -613,14 +613,11 @@ static void prepare_failure_reports (void) #endif info_passwd.action = pw; - gr = stpeprintf(gr, gr_end, - "group %s/%ju", group_name, (uintmax_t) group_id); + gr = seprintf(gr, gr_end, "group %s/%ju", group_name, (uintmax_t) group_id); #ifdef SHADOWGRP - sgr = stpeprintf(sgr, sgr_end, - "group %s", group_name); + sgr = seprintf(sgr, sgr_end, "group %s", group_name); #endif - pw = stpeprintf(pw, pw_end, - "group %s/%ju", group_name, (uintmax_t) group_id); + pw = seprintf(pw, pw_end, "group %s/%ju", group_name, (uintmax_t) group_id); if (nflg) { gr = stpecpy(gr, gr_end, ", new name: "); @@ -640,10 +637,10 @@ static void prepare_failure_reports (void) } if (gflg) { gr = stpecpy(gr, gr_end, ", new gid: "); - stpeprintf(gr, gr_end, "%ju", (uintmax_t) group_newid); + seprintf(gr, gr_end, "%ju", (uintmax_t) group_newid); pw = stpecpy(pw, pw_end, ", new gid: "); - stpeprintf(pw, pw_end, "%ju", (uintmax_t) group_newid); + seprintf(pw, pw_end, "%ju", (uintmax_t) group_newid); } // FIXME: add a system cleanup From eef83b709fe255f6ed26c2c1f83f519622cf04ad Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Sun, 16 Mar 2025 21:56:25 +0100 Subject: [PATCH 09/12] lib/string/: seprintf(), stpecpy(): Add missing const Reported-by: Christopher Bazley Signed-off-by: Alejandro Colomar --- lib/string/sprintf/seprintf.c | 8 ++++---- lib/string/sprintf/seprintf.h | 9 +++++---- lib/string/strcpy/stpecpy.c | 3 ++- lib/string/strcpy/stpecpy.h | 4 ++-- 4 files changed, 13 insertions(+), 11 deletions(-) diff --git a/lib/string/sprintf/seprintf.c b/lib/string/sprintf/seprintf.c index 3be154fe78..2fdfdfbf98 100644 --- a/lib/string/sprintf/seprintf.c +++ b/lib/string/sprintf/seprintf.c @@ -10,8 +10,8 @@ #if !defined(HAVE_SEPRINTF) -extern inline char *seprintf(char *dst, char *end, const char *restrict fmt, - ...); -extern inline char *vseprintf(char *dst, char *end, const char *restrict fmt, - va_list ap); +extern inline char *seprintf(char *dst, const char *end, + const char *restrict fmt, ...); +extern inline char *vseprintf(char *dst, const char *end, + const char *restrict fmt, va_list ap); #endif diff --git a/lib/string/sprintf/seprintf.h b/lib/string/sprintf/seprintf.h index e1a2637802..b2059fb266 100644 --- a/lib/string/sprintf/seprintf.h +++ b/lib/string/sprintf/seprintf.h @@ -18,17 +18,18 @@ #if !defined(HAVE_SEPRINTF) // seprintf - string end-pointer print formatted format_attr(printf, 3, 4) -inline char *seprintf(char *dst, char *end, const char *restrict fmt, ...); +inline char *seprintf(char *dst, const char *end, const char *restrict fmt, + ...); // vseprintf - va_list string end-pointer print formatted format_attr(printf, 3, 0) -inline char *vseprintf(char *dst, char *end, const char *restrict fmt, +inline char *vseprintf(char *dst, const char *end, const char *restrict fmt, va_list ap); #endif #if !defined(HAVE_SEPRINTF) inline char * -seprintf(char *dst, char *end, const char *restrict fmt, ...) +seprintf(char *dst, const char *end, const char *restrict fmt, ...) { char *p; va_list ap; @@ -44,7 +45,7 @@ seprintf(char *dst, char *end, const char *restrict fmt, ...) #if !defined(HAVE_SEPRINTF) inline char * -vseprintf(char *dst, char *end, const char *restrict fmt, va_list ap) +vseprintf(char *dst, const char *end, const char *restrict fmt, va_list ap) { int len; ptrdiff_t size; diff --git a/lib/string/strcpy/stpecpy.c b/lib/string/strcpy/stpecpy.c index 2e6f92b0fc..878853e79f 100644 --- a/lib/string/strcpy/stpecpy.c +++ b/lib/string/strcpy/stpecpy.c @@ -8,5 +8,6 @@ #if !defined(HAVE_STPECPY) -extern inline char *stpecpy(char *dst, char *end, const char *restrict src); +extern inline char *stpecpy(char *dst, const char *end, + const char *restrict src); #endif diff --git a/lib/string/strcpy/stpecpy.h b/lib/string/strcpy/stpecpy.h index d564d778b7..c46346b8f6 100644 --- a/lib/string/strcpy/stpecpy.h +++ b/lib/string/strcpy/stpecpy.h @@ -19,13 +19,13 @@ #if !defined(HAVE_STPECPY) // stpecpy - string offset-pointer end-pointer copy ATTR_STRING(3) -inline char *stpecpy(char *dst, char *end, const char *restrict src); +inline char *stpecpy(char *dst, const char *end, const char *restrict src); #endif #if !defined(HAVE_STPECPY) inline char * -stpecpy(char *dst, char *end, const char *restrict src) +stpecpy(char *dst, const char *end, const char *restrict src) { bool trunc; char *p; From 6641f2b85cc20fbbb6cdb9783996d978baaea11d Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Mon, 21 Jul 2025 16:56:34 +0200 Subject: [PATCH 10/12] lib/string/strcpy/: stpecpy(): Use strtcpy() instead of its pattern Signed-off-by: Alejandro Colomar --- lib/string/strcpy/stpecpy.h | 18 +++++------------- 1 file changed, 5 insertions(+), 13 deletions(-) diff --git a/lib/string/strcpy/stpecpy.h b/lib/string/strcpy/stpecpy.h index c46346b8f6..c2471d4daa 100644 --- a/lib/string/strcpy/stpecpy.h +++ b/lib/string/strcpy/stpecpy.h @@ -14,6 +14,7 @@ #include #include "attr.h" +#include "string/strcpy/strtcpy.h" #if !defined(HAVE_STPECPY) @@ -27,25 +28,16 @@ inline char *stpecpy(char *dst, const char *end, const char *restrict src); inline char * stpecpy(char *dst, const char *end, const char *restrict src) { - bool trunc; - char *p; - size_t dsize, dlen, slen; + ssize_t dlen; if (dst == NULL) return NULL; - dsize = end - dst; - slen = strnlen(src, dsize); - trunc = (slen == dsize); - dlen = slen - trunc; - - p = stpcpy(mempcpy(dst, src, dlen), ""); - if (trunc) { - errno = E2BIG; + dlen = strtcpy(dst, src, end - dst); + if (dlen == -1) return NULL; - } - return p; + return dst + dlen; } #endif From 15bb424190573155ff365f0b53039b8ad694ad91 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Sat, 8 Feb 2025 16:36:26 +0100 Subject: [PATCH 11/12] lib/salt.c: Use stprintf() instead of snprintf(3) Signed-off-by: Alejandro Colomar --- lib/salt.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/lib/salt.c b/lib/salt.c index 2e6f83197e..573547cc07 100644 --- a/lib/salt.c +++ b/lib/salt.c @@ -26,6 +26,7 @@ #include "getdef.h" #include "prototypes.h" #include "shadowlog.h" +#include "string/sprintf/stprintf.h" #include "string/strcmp/streq.h" @@ -172,7 +173,7 @@ static /*@observer@*/void SHA_salt_rounds_to_buf (char *buf, unsigned long round */ assert (GENSALT_SETTING_SIZE > buf_begin + 17); - (void) snprintf (buf + buf_begin, 18, "rounds=%lu$", rounds); + stprintf(buf + buf_begin, 18, "rounds=%lu$", rounds); } #ifdef USE_BCRYPT @@ -250,7 +251,7 @@ static /*@observer@*/void BCRYPT_salt_rounds_to_buf (char *buf, unsigned long ro */ assert (GENSALT_SETTING_SIZE > buf_begin + 3); - (void) snprintf (buf + buf_begin, 4, "%2.2lu$", rounds); + stprintf(buf + buf_begin, 4, "%2.2lu$", rounds); } #endif /* USE_BCRYPT */ From ff0018592db0fa6020f77cceb633a94fa4e3e0f0 Mon Sep 17 00:00:00 2001 From: Alejandro Colomar Date: Mon, 10 Feb 2025 14:35:17 +0100 Subject: [PATCH 12/12] lib/string/: Use [0] for end pointers This helps document the fact that these pointers are pointers to one-after-the-last element of an array. GCC currently has a bug by which it triggers a diagnostic in this code. However, it works just fine, and the diagnostic can be ignored. We're working on removing that false positive in GCC, so the diagnostic will eventually disappear. Link: Signed-off-by: Alejandro Colomar --- lib/string/sprintf/seprintf.c | 4 ++-- lib/string/sprintf/seprintf.h | 10 +++++----- lib/string/strcpy/stpecpy.c | 4 ++-- lib/string/strcpy/stpecpy.h | 6 +++--- 4 files changed, 12 insertions(+), 12 deletions(-) diff --git a/lib/string/sprintf/seprintf.c b/lib/string/sprintf/seprintf.c index 2fdfdfbf98..cf62542fef 100644 --- a/lib/string/sprintf/seprintf.c +++ b/lib/string/sprintf/seprintf.c @@ -10,8 +10,8 @@ #if !defined(HAVE_SEPRINTF) -extern inline char *seprintf(char *dst, const char *end, +extern inline char *seprintf(char *dst, const char end[0], const char *restrict fmt, ...); -extern inline char *vseprintf(char *dst, const char *end, +extern inline char *vseprintf(char *dst, const char end[0], const char *restrict fmt, va_list ap); #endif diff --git a/lib/string/sprintf/seprintf.h b/lib/string/sprintf/seprintf.h index b2059fb266..197aa6aa87 100644 --- a/lib/string/sprintf/seprintf.h +++ b/lib/string/sprintf/seprintf.h @@ -1,4 +1,4 @@ -// SPDX-FileCopyrightText: 2022-2024, Alejandro Colomar +// SPDX-FileCopyrightText: 2022-2025, Alejandro Colomar // SPDX-License-Identifier: BSD-3-Clause @@ -18,18 +18,18 @@ #if !defined(HAVE_SEPRINTF) // seprintf - string end-pointer print formatted format_attr(printf, 3, 4) -inline char *seprintf(char *dst, const char *end, const char *restrict fmt, +inline char *seprintf(char *dst, const char end[0], const char *restrict fmt, ...); // vseprintf - va_list string end-pointer print formatted format_attr(printf, 3, 0) -inline char *vseprintf(char *dst, const char *end, const char *restrict fmt, +inline char *vseprintf(char *dst, const char end[0], const char *restrict fmt, va_list ap); #endif #if !defined(HAVE_SEPRINTF) inline char * -seprintf(char *dst, const char *end, const char *restrict fmt, ...) +seprintf(char *dst, const char end[0], const char *restrict fmt, ...) { char *p; va_list ap; @@ -45,7 +45,7 @@ seprintf(char *dst, const char *end, const char *restrict fmt, ...) #if !defined(HAVE_SEPRINTF) inline char * -vseprintf(char *dst, const char *end, const char *restrict fmt, va_list ap) +vseprintf(char *dst, const char end[0], const char *restrict fmt, va_list ap) { int len; ptrdiff_t size; diff --git a/lib/string/strcpy/stpecpy.c b/lib/string/strcpy/stpecpy.c index 878853e79f..bd36cbc1cb 100644 --- a/lib/string/strcpy/stpecpy.c +++ b/lib/string/strcpy/stpecpy.c @@ -1,4 +1,4 @@ -// SPDX-FileCopyrightText: 2022-2024, Alejandro Colomar +// SPDX-FileCopyrightText: 2022-2025, Alejandro Colomar // SPDX-License-Identifier: BSD-3-Clause @@ -8,6 +8,6 @@ #if !defined(HAVE_STPECPY) -extern inline char *stpecpy(char *dst, const char *end, +extern inline char *stpecpy(char *dst, const char end[0], const char *restrict src); #endif diff --git a/lib/string/strcpy/stpecpy.h b/lib/string/strcpy/stpecpy.h index c2471d4daa..7492f6e8fe 100644 --- a/lib/string/strcpy/stpecpy.h +++ b/lib/string/strcpy/stpecpy.h @@ -1,4 +1,4 @@ -// SPDX-FileCopyrightText: 2022-2024, Alejandro Colomar +// SPDX-FileCopyrightText: 2022-2025, Alejandro Colomar // SPDX-License-Identifier: BSD-3-Clause @@ -20,13 +20,13 @@ #if !defined(HAVE_STPECPY) // stpecpy - string offset-pointer end-pointer copy ATTR_STRING(3) -inline char *stpecpy(char *dst, const char *end, const char *restrict src); +inline char *stpecpy(char *dst, const char end[0], const char *restrict src); #endif #if !defined(HAVE_STPECPY) inline char * -stpecpy(char *dst, const char *end, const char *restrict src) +stpecpy(char *dst, const char end[0], const char *restrict src) { ssize_t dlen;