safec  2.1
Safe C Library - ISO TR24731 Bounds Checking Interface
strcat_s.c
Go to the documentation of this file.
1 /*------------------------------------------------------------------
2  * strcat_s.c
3  *
4  * October 2008, Bo Berry
5  *
6  * Copyright (c) 2008-2011 by Cisco Systems, Inc
7  * All rights reserved.
8  *
9  * Permission is hereby granted, free of charge, to any person
10  * obtaining a copy of this software and associated documentation
11  * files (the "Software"), to deal in the Software without
12  * restriction, including without limitation the rights to use,
13  * copy, modify, merge, publish, distribute, sublicense, and/or
14  * sell copies of the Software, and to permit persons to whom the
15  * Software is furnished to do so, subject to the following
16  * conditions:
17  *
18  * The above copyright notice and this permission notice shall be
19  * included in all copies or substantial portions of the Software.
20  *
21  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
22  * EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES
23  * OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
24  * NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT
25  * HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,
26  * WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
27  * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR
28  * OTHER DEALINGS IN THE SOFTWARE.
29  *------------------------------------------------------------------
30  */
31 
32 #include "safeclib_private.h"
33 #include "safe_str_constraint.h"
34 #include "safe_str_lib.h"
35 
36 
91 errno_t
92 strcat_s (char * restrict dest, rsize_t dmax, const char * restrict src)
93 {
94  rsize_t orig_dmax;
95  char *orig_dest;
96  const char *overlap_bumper;
97 
98  if (dest == NULL) {
99  invoke_safe_str_constraint_handler("strcat_s: dest is null",
100  NULL, ESNULLP);
101  return RCNEGATE(ESNULLP);
102  }
103 
104  if (src == NULL) {
105  invoke_safe_str_constraint_handler("strcat_s: src is null",
106  NULL, ESNULLP);
107  return RCNEGATE(ESNULLP);
108  }
109 
110  if (dmax == 0) {
111  invoke_safe_str_constraint_handler("strcat_s: dmax is 0",
112  NULL, ESZEROL);
113  return RCNEGATE(ESZEROL);
114  }
115 
116  if (dmax > RSIZE_MAX_STR) {
117  invoke_safe_str_constraint_handler("strcat_s: dmax exceeds max",
118  NULL, ESLEMAX);
119  return RCNEGATE(ESLEMAX);
120  }
121 
122  /* hold base of dest in case src was not copied */
123  orig_dmax = dmax;
124  orig_dest = dest;
125 
126  if (dest < src) {
127  overlap_bumper = src;
128 
129  /* Find the end of dest */
130  while (*dest != '\0') {
131 
132  if (dest == overlap_bumper) {
133  handle_error(orig_dest, orig_dmax, "strcat_s: "
134  "overlapping objects",
135  ESOVRLP);
136  return RCNEGATE(ESOVRLP);
137  }
138 
139  dest++;
140  dmax--;
141  if (dmax == 0) {
142  handle_error(orig_dest, orig_dmax, "strcat_s: "
143  "dest unterminated",
144  ESUNTERM);
145  return RCNEGATE(ESUNTERM);
146  }
147  }
148 
149  while (dmax > 0) {
150  if (dest == overlap_bumper) {
151  handle_error(orig_dest, orig_dmax, "strcat_s: "
152  "overlapping objects",
153  ESOVRLP);
154  return RCNEGATE(ESOVRLP);
155  }
156 
157  *dest = *src;
158  if (*dest == '\0') {
159 #ifdef SAFECLIB_STR_NULL_SLACK
160  /* null slack to clear any data */
161  while (dmax) { *dest = '\0'; dmax--; dest++; }
162 #endif
163  return RCNEGATE(EOK);
164  }
165 
166  dmax--;
167  dest++;
168  src++;
169  }
170 
171  } else {
172  overlap_bumper = dest;
173 
174  /* Find the end of dest */
175  while (*dest != '\0') {
176 
177  /*
178  * NOTE: no need to check for overlap here since src comes first
179  * in memory and we're not incrementing src here.
180  */
181  dest++;
182  dmax--;
183  if (dmax == 0) {
184  handle_error(orig_dest, orig_dmax, "strcat_s: "
185  "dest unterminated",
186  ESUNTERM);
187  return RCNEGATE(ESUNTERM);
188  }
189  }
190 
191  while (dmax > 0) {
192  if (src == overlap_bumper) {
193  handle_error(orig_dest, orig_dmax, "strcat_s: "
194  "overlapping objects",
195  ESOVRLP);
196  return RCNEGATE(ESOVRLP);
197  }
198 
199  *dest = *src;
200  if (*dest == '\0') {
201 #ifdef SAFECLIB_STR_NULL_SLACK
202  /* null slack to clear any data */
203  while (dmax) { *dest = '\0'; dmax--; dest++; }
204 #endif
205  return RCNEGATE(EOK);
206  }
207 
208  dmax--;
209  dest++;
210  src++;
211  }
212  }
213 
214  /*
215  * the entire src was not copied, so null the string
216  */
217  handle_error(orig_dest, orig_dmax, "strcat_s: not enough "
218  "space for src",
219  ESNOSPC);
220 
221  return RCNEGATE(ESNOSPC);
222 }
223 EXPORT_SYMBOL(strcat_s)
errno_t strcat_s(char *restrict dest, rsize_t dmax, const char *restrict src)
The strcat_s function appends a copy of the string pointed to by src (including the terminating null ...
Definition: strcat_s.c:92
void invoke_safe_str_constraint_handler(const char *msg, void *ptr, errno_t error)
Invokes the currently set constraint handler or the default.