> If the formal
> declaration of the function declares that it will copy n bytes FROM THE
> SOURCE STRING then what you proposed would be correct.

Yes, that's what the length parameter is good for. It is either
the number of characters in the source string or a smaller number,
but never more. At least that is how it should be, but so far nobody
has shown a place where Exim works differently.

I guess I have worked on too many programs that use their own string
library using the pointer/length model, thus removing the artificial
difference between str* and mem* functions and calling them all string
functions. I have no benchmarks on them, btw, but I don't need one,
because those libraries are used for _correctness_ when dealing with
NUL characters, not for efficiency.

I can imagine Exim going that way further than it already does. Right now
it deals with length/capacity variables in many places instead of using
strlen() often, like typical code does, but it may as well put those
variables together with the char pointer in a struct.

I see your point of unexpected behaviour, so I suggest adding a comment to
string_cat that forbids setting length to a larger value than the size of
the source string. I append a new patch. Concerning size and capacity:
I find the latter to be more descriptive and easier to distinguish from
"length". If you agree, then please change the variable name, too.

Michael
----------------------------------------------------------------------
--- string.c.orig 2003-04-03 15:31:24.000000000 +0200
+++ string.c 2003-04-03 23:01:02.000000000 +0200
@@ -770,14 +770,15 @@
*************************************************/
/* This function is used when building up strings of unknown length. Room is
-always left for a terminating zero to be added.
+always left for a terminating zero to be added, but this function does not
+require strings to be NUL terminated.
Arguments:
string points to the start of the string, or NULL if empty string
- size the current size of the store (updated if changed)
+ size the current capacity of the store (updated if changed)
ptr the offset at which to add characters, updated
s points to characters to add
- len count of characters to add
+ len count of characters to add, must not exceed the size of s
If string is given as NULL, *size and *ptr should both be zero.
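Review bot: The new wording on the len argument, "must not exceed the size of s", leaves it unclear whether "size" counts a terminating NUL or means the bytes available at s, and that matters now that the header also says strings need not be NUL terminated. Suggest stating the contract in terms of what is read, for example "exactly len bytes are read from s, so s must provide at least len bytes". The sentence "this function does not require strings to be NUL terminated" should also say which string it means, the source s or the string being built. Finally, the description of size now says "capacity" while the argument is still named size; either rename it in the same patch or keep the old word until the rename happens.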
@@ -826,7 +827,7 @@
}
}
-Ustrncpy(string + p, s, len);
+memcpy(string + p, s, len);
*ptr = p + len;
return string;
}
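Review bot: Replacing Ustrncpy with memcpy at string + p changes the read side of the call, and nothing in this hunk enforces the new precondition. Both calls write len bytes, but the strncpy form stops reading s at its first NUL and zero-fills the rest, while memcpy reads all len bytes unconditionally, so any caller that passes a len larger than the data behind s now reads past the end of the source. The comment added in the first hunk documents that rule but does not check it, so the callers of this function should be audited before the patch goes in. Also note the result can now contain embedded NUL bytes followed by data, so code that later treats the built string as a C string will see it end at the first NUL while *ptr says otherwise.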
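The pointer/length/capacity model discussed in this message, together with the difference between the two copy calls in the patch, as an added C example that is not part of the original message or of Exim's code. The lstr type and the lstr_* and demo_differs names are hypothetical, and the sample bytes are constructed.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>
/* Hypothetical pointer/length/capacity string; not Exim's own type. */
typedef struct { char *data; size_t len; size_t capacity; } lstr;

/* Ensure room for len + extra bytes plus one terminating zero. */
static int lstr_reserve(lstr *b, size_t extra)
{
    if (extra >= SIZE_MAX - b->len) return -1;   /* len + extra + 1 would wrap */
    size_t need = b->len + extra + 1;
    if (need <= b->capacity) return 0;
    size_t cap = need > SIZE_MAX / 2 ? need : need * 2;
    char *p = realloc(b->data, cap);
    if (p == NULL) return -1;
    b->data = p; b->capacity = cap;
    return 0;
}

/* memcpy variant: reads exactly len bytes, so s must hold at least len bytes. */
int lstr_cat_mem(lstr *b, const char *s, size_t len)
{
    if (lstr_reserve(b, len) != 0) return -1;
    memcpy(b->data + b->len, s, len);
    b->len += len;
    b->data[b->len] = '\0';
    return 0;
}

/* strncpy variant: stops reading at the first NUL in s, zero-fills up to len. */
int lstr_cat_strn(lstr *b, const char *s, size_t len)
{
    if (lstr_reserve(b, len) != 0) return -1;
    strncpy(b->data + b->len, s, len);
    b->len += len;
    b->data[b->len] = '\0';
    return 0;
}

/* Constructed sample with an embedded NUL; returns 1 if the two results differ. */
int demo_differs(void)
{
    static const char src[5] = {'a', 'b', '\0', 'c', 'd'};
    lstr m = {0}, n = {0};
    int r = lstr_cat_mem(&m, src, 5) == 0 && lstr_cat_strn(&n, src, 5) == 0
            && memcmp(m.data, n.data, 5) != 0;
    free(m.data); free(n.data);
    return r;
}
```

Both variants record a length of 5, but only the memcpy variant keeps the bytes after the embedded NUL; neither can detect a len that is larger than the data behind s.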