strlcat.c 2.3 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859
  1. /* Append a null-terminated string to another string, with length checking.
  2. Copyright (C) 2023-2026 Free Software Foundation, Inc.
  3. This file is part of the GNU C Library.
  4. The GNU C Library is free software; you can redistribute it and/or
  5. modify it under the terms of the GNU Lesser General Public
  6. License as published by the Free Software Foundation; either
  7. version 2.1 of the License, or (at your option) any later version.
  8. The GNU C Library is distributed in the hope that it will be useful,
  9. but WITHOUT ANY WARRANTY; without even the implied warranty of
  10. MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
  11. Lesser General Public License for more details.
  12. You should have received a copy of the GNU Lesser General Public
  13. License along with the GNU C Library; if not, see
  14. <https://www.gnu.org/licenses/>. */
  15. #include <stdint.h>
  16. #include <string.h>
  17. size_t
  18. __strlcat (char *__restrict dest, const char *__restrict src, size_t size)
  19. {
  20. size_t src_length = strlen (src);
  21. /* Our implementation strlcat supports dest == NULL if size == 0
  22. (for consistency with snprintf and strlcpy), but strnlen does
  23. not, so we have to cover this case explicitly. */
  24. if (size == 0)
  25. return src_length;
  26. size_t dest_length = __strnlen (dest, size);
  27. if (dest_length != size)
  28. {
  29. /* Copy at most the remaining number of characters in the
  30. destination buffer. Leave for the NUL terminator. */
  31. size_t to_copy = size - dest_length - 1;
  32. /* But not more than what is available in the source string. */
  33. if (to_copy > src_length)
  34. to_copy = src_length;
  35. char *target = dest + dest_length;
  36. memcpy (target, src, to_copy);
  37. target[to_copy] = '\0';
  38. }
  39. /* If the sum wraps around, we have more than SIZE_MAX + 2 bytes in
  40. the two input strings (including both null terminators). If each
  41. byte in the address space can be assigned a unique size_t value
  42. (which the static_assert checks), then by the pigeonhole
  43. principle, the two input strings must overlap, which is
  44. undefined. */
  45. _Static_assert (sizeof (uintptr_t) == sizeof (size_t),
  46. "theoretical maximum object size covers address space");
  47. return dest_length + src_length;
  48. }
  49. libc_hidden_def (__strlcat)
  50. weak_alias (__strlcat, strlcat)