if (src[i] != dst[i])
return -1;
- /* Size fail */
- err = memcpy_s (dst + 1, sizeof (dst) - 1, src, sizeof (src));
+ /*
+ * Size test: sizeof (src) > sizeof (dst)
+ * Skip this test when __builtin_constant_p (sizeof (src)) is true.
+ * This is because memcpy_s_inline skips all the errors checking when the
+ * the above buildin function returns true which may cause overrun problem
+ * for dst buffer if this test is executed.
+ */
+ if (__builtin_constant_p (sizeof (src)) == 0)
+ {
+ err = memcpy_s (dst + 1, sizeof (dst) - 1, src, sizeof (src));
- if (err == EOK)
- return -1;
+ if (err == EOK)
+ return -1;
+ }
/* overlap fail */
err = memcpy_s (dst, sizeof (dst), dst + 1, sizeof (dst) - 1);
/* Null pointers comparison */
s = 0;
indicator = clib_strcmp (s, s);
- if (indicator != 0)
- return -1;
- /* verify it against strcmp */
- indicator = strcmp (s, s);
if (indicator != 0)
return -1;
v_indicator = strncmp (s1, "Every moment is a fresh beginning", s1len);
if (v_indicator != 0)
return -1;
- if (v_indicator != indicator)
- return -1;
/* s1 > s2, 0 is expected since comparison is no more than n character */
indicator = clib_strncmp (s1, "Every moment is a fresh begin",
sizeof ("Every moment is a fresh begin") - 1);
if (v_indicator != 0)
return -1;
- if (v_indicator != indicator)
- return -1;
/* s1 < s2, < 0 is expected */
indicator = clib_strncmp (s1, "Every moment is fresh beginning",
v_indicator = strncmp (s1, "Every moment is a fresh beginning", s1len + 1);
if (v_indicator != 0)
return -1;
- if (v_indicator != indicator)
- return -1;
/* unterminated s1 */
s1[s1len] = 0x1;
sizeof ("Every moment is a fresh beginning") - 1);
if (v_indicator != 0)
return -1;
- if (v_indicator != indicator)
- return -1;
/* OK, seems to work */
return 0;
return -1;
/* verify it against strcpy */
- strcpy (dst, src);
+ strcpy (dst, src); //NOSONAR
/* This better not fail but check anyhow */
if (strcmp_s (dst, clib_strnlen (dst, sizeof (dst)), src, &indicator) !=
{
char src[] = "Those who dare to fail miserably can achieve greatly.";
char dst[100], old_dst[100];
- int indicator;
+ int indicator, i;
size_t s1size = sizeof (dst); // including null
errno_t err;
return -1;
/* n > string len of src */
+ err = clib_memset (dst, 1, sizeof (dst));
+ if (err != EOK)
+ return -1;
+
err = strncpy_s (dst, s1size, src, clib_strnlen (src, sizeof (src)) + 10);
if (err != EOK)
return -1;
if (indicator != 0)
return -1;
+ /* Make sure bytes after strlen(dst) is untouched */
+ for (i = 1 + clib_strnlen (dst, sizeof (dst)); i < sizeof (dst); i++)
+ if (dst[i] != 1)
+ return -1;
+
/* truncation, n >= dmax */
err = strncpy_s (dst, clib_strnlen (src, sizeof (src)), src,
clib_strnlen (src, sizeof (src)));
return -1;
/* Verify it against strncpy */
+#if __GNUC__ < 8
+ /* GCC 8 debian flunks this one at compile time */
strncpy (dst, src, strlen (src));
/* This better not fail but check anyhow */
return -1;
if (indicator != 0)
return -1;
+#endif
/* limited copy -- strlen src > n, copy up to n */
err = clib_strncpy (dst, "The price of greatness is responsibility.", 10);
if (indicator != 0)
return -1;
/* Verify it against strncpy */
+#if __GNUC__ < 8
+ /* GCC 8 debian flunks this one at compile time */
strncpy (dst, src, strlen (src));
if (strcmp_s (dst, clib_strnlen (dst, sizeof (dst)), src, &indicator) !=
EOK)
return -1;
if (indicator != 0)
return -1;
+#endif
/* zero length copy */
clib_strncpy (old_dst, dst, clib_strnlen (dst, sizeof (dst)));
if (indicator != 0)
return -1;
/* verify it against strncat */
+#if __GNUC__ < 8
+ /* GCC 8 debian flunks this one at compile time */
strcpy_s (dst, sizeof (dst), s1);
strncat (dst, s2, 13);
if (strcmp_s (dst, s1size - 1, "Two things are infinite: the universe ",
return -1;
if (indicator != 0)
return -1;
+#endif
/* negative stuff */
err = strncat_s (0, 0, 0, 1);
if (indicator != 0)
return -1;
/* verify it against strncat */
+#if __GNUC__ < 8
+ /* GCC 8 debian flunks this one at compile time */
strcpy_s (dst, sizeof (dst), s1);
strncat (dst, s2, 13);
if (strcmp_s (dst, s1size - 1, "Two things are infinite: the universe ",
return -1;
if (indicator != 0)
return -1;
+#endif
/* negative stuff */
err = clib_strncat (0, 0, 1);
Code Review / vpp.git / blobdiff