[PATCH] avoid GCC 10 warning -Wstringop-truncation

Sebastian Huber sebastian.huber at embedded-brains.de
Thu Jul 30 17:52:17 UTC 2020

On 30/07/2020 18:05, Gedare Bloom wrote:

> On Thu, Jul 30, 2020 at 9:55 AM Sebastian Huber
> <sebastian.huber at embedded-brains.de> wrote:
>> On 30/07/2020 17:53, Gedare Bloom wrote:
>>> On Thu, Jul 30, 2020 at 9:44 AM Sebastian Huber
>>> <sebastian.huber at embedded-brains.de>  wrote:
>>>> On 30/07/2020 13:36, Aschref Ben-Thabet wrote:
>>>>> diff --git a/testsuites/psxtests/psxndbm01/init.c b/testsuites/psxtests/psxndbm01/init.c
>>>>> index a13afa7315..b524aff0df 100644
>>>>> --- a/testsuites/psxtests/psxndbm01/init.c
>>>>> +++ b/testsuites/psxtests/psxndbm01/init.c
>>>>> @@ -218,7 +218,7 @@ rtems_task Init(rtems_task_argument ignored)
>>>>>       puts( "Fetch non-existing record and confirm error." );
>>>>>       test_strings = (char*)malloc(6);
>>>>> -  strncpy( test_strings, "Hello", 5 );
>>>>> +  memcpy( test_strings, "Hello", 5 );
>>>>>       test_strings[5] = '\0';
>>>> In the glibc devel list this approach was suggested for problems like this:
>>>> *(char *) mempcpy( test_strings, "Hello", 5 ) = '\0';
>>>> https://sourceware.org/legacy-ml/libc-alpha/2000-08/msg00061.html
>>> This code is suspect/wrong. that should create a NUL at the start of
>>> the test_strings. I'd rather see the memcpy followed by appending the
>>> NUL. It is easy enough to understand I think.
>> Yes, this was also my impression then I did read this code snippet.
>> Please note that this is memPcpy(), a GNU extension.
> thanks, I had missed that.
> I don't think there is an easy generalized way to do the delimiting
> with the standard memcpy. You could do it in one line, if we really
> wanted something like:
> ((char *) memcpy (test_strings, "Hello", 5 ))[5] = '\0';
> We could even create a little helper to do it if it is a common pattern.

The mempcpy() is also available in Newlib.

The only thing I know is that strncpy() is a useless function. With the 
new GCC warnings it is nearly impossible to use correctly. This function 
is an historic accident.

There are several ways to fix the warnings and I think there is no clear 
direction. We basically have the option to use the OpenBSD invented 
strlcpy() and strlcat() functions or some sort of memcpy() and 
mempcpy(). I think the OpenBSD philosophy is that if you put something 
in the strl*() and then at least a C-string is created. This may help to 
contain software bugs a bit and hinder error propagation. The glibc 
developer philosophy is probably that they only care about correct code 
and if you make mistakes that you can go to hell.

More information about the devel mailing list