RE: [Exim] Another small patch, please comment

トップ ページ
このメッセージを削除
このメッセージに返信
著者: michael
日付:  
To: exim-users
題目: RE: [Exim] Another small patch, please comment
> If the formal
> declaration of the function declares that it will copy n bytes FROM THE
> SOURCE STRING then what you proposed would be correct.


Yes, that's what the length parameter is good for. It is either
the number of characters in the source string or a smaller number,
but never more. At least that is how it should be, but so far nobody
showed a place where Exim works different.

I guess I have worked on too many programs that use their own string
library using the pointer/length model, thus removing the artificial
difference between str* and mem* functions and calling them all string
functions. I have no benchmarks on them, btw, but I don't need one,
because those libraries are used for _correctness_ when dealing with
NUL characters, not for efficiency.

I can imagine Exim going that way further than it already does. Right now
it deals with length/capacity variables in many places instead of using
strlen() often, like typical code does, but it may as well put those
variables together with the char pointer in a struct.

I see your point of unexpected behaviour, so I suggest to add a comment to
string_cat that forbids to set length to a larger value than the size of
the source string. I append a new patch. Concerning size and capacity:
I find the latter to be more descriptive and easier to distinguish from
"length". If you agree, then please change the variable name, too.

Michael
----------------------------------------------------------------------
--- string.c.orig    2003-04-03 15:31:24.000000000 +0200
+++ string.c    2003-04-03 23:01:02.000000000 +0200
@@ -770,14 +770,15 @@
 *************************************************/


/* This function is used when building up strings of unknown length. Room is
-always left for a terminating zero to be added.
+always left for a terminating zero to be added, but this function does not
+require strings to be NUL terminated.

 Arguments:
   string   points to the start of the string, or NULL if empty string
-  size     the current size of the store (updated if changed)
+  size     the current capacity of the store (updated if changed)
   ptr      the offset at which to add characters, updated
   s        points to characters to add
-  len      count of characters to add
+  len      count of characters to add, must not exceed the size of s


If string is given as NULL, *size and *ptr should both be zero.

@@ -826,7 +827,7 @@
     }
   }


-Ustrncpy(string + p, s, len);
+memcpy(string + p, s, len);
*ptr = p + len;
return string;
}