From: Jim Meyering <meyering@redhat.com>
Date: Thu, 4 Oct 2012 11:10:03 +0000 (+0200)
Subject: doc: update HACKING wrt strncpy/pstrcpy
X-Git-Tag: v1.3.0-rc0~373
X-Git-Url: https://www.infradead.org/git/?a=commitdiff_plain;h=9b9e3ec1b47f615f635055924e24705cc3f45b20;p=users%2Fdwmw2%2Fqemu.git

doc: update HACKING wrt strncpy/pstrcpy

Reword the section on strncpy: its NUL-filling is important
in some cases.  Mention that pstrcpy's signature is different.

Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
---

diff --git a/HACKING b/HACKING
index 471cf1d197..dddd617a6b 100644
--- a/HACKING
+++ b/HACKING
@@ -91,10 +91,11 @@ emulators.
 
 4. String manipulation
 
-Do not use the strncpy function.  According to the man page, it does
-*not* guarantee a NULL-terminated buffer, which makes it extremely dangerous
-to use.  Instead, use functionally equivalent function:
-void pstrcpy(char *buf, int buf_size, const char *str)
+Do not use the strncpy function.  As mentioned in the man page, it does *not*
+guarantee a NULL-terminated buffer, which makes it extremely dangerous to use.
+It also zeros trailing destination bytes out to the specified length.  Instead,
+use this similar function when possible, but note its different signature:
+void pstrcpy(char *dest, int dest_buf_size, const char *src)
 
 Don't use strcat because it can't check for buffer overflows, but:
 char *pstrcat(char *buf, int buf_size, const char *s)