X-Authentication-Warning: delorie.com: mail set sender to geda-user-bounces using -f
X-Recipient: geda-user AT delorie DOT com
Message-ID: <20230203115146.19499.qmail@stuge.se>
Date: Fri, 3 Feb 2023 11:51:46 +0000
From: "Peter Stuge (peter AT stuge DOT se) [via geda-user AT delorie DOT com]" <geda-user AT delorie DOT com>
To: geda-user AT delorie DOT com
Subject: Re: [geda-user] strncpy in pcb
References: <20230202154018 DOT 8BD4085E50B5 AT turkos DOT aspodata DOT se>
 <xn7cx02cph DOT fsf AT envy DOT delorie DOT com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <xn7cx02cph.fsf@envy.delorie.com>
Reply-To: geda-user AT delorie DOT com
Errors-To: nobody AT delorie DOT com
X-Mailing-List: geda-user AT delorie DOT com
X-Unsubscribes-To: listserv AT delorie DOT com
Precedence: bulk

DJ Delorie wrote:
> What is needed is a function that:
> 
> 1. Copies the whole string, including NUL, if it fits, or
> 
> 2. Fails safely if it doesn't.

If _BSD_SOURCE || _XOPEN_SOURCE >= 500 || _ISOC99_SOURCE || _POSIX_C_SOURCE >= 200112L
and overlap can be excluded, how about:

if (snprintf(out, "%.*s", sizeof (out), in) >= sizeof (out))
	return -EOVERFLOW;

Note that Win32 snprintf() behaves subtly differently with equal sizes,
I do this in some code to compensate by wasting 1 byte on non-Win32:

#define snprintf_sizeof(str, ...) snprintf((str), sizeof (str) - 1, __VA_ARGS__)


//Peter