-rw-r--r--include/string.h29
-rw-r--r--tests/test_stpncpy_dynamic_write.c5
-rw-r--r--tests/test_stpncpy_overwrite_over.c5
-rw-r--r--tests/test_stpncpy_overwrite_under.c10
-rw-r--r--tests/test_strncpy_overwrite_over.c13
-rw-r--r--tests/test_strncpy_overwrite_under.c2
6 files changed, 33 insertions, 31 deletions
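diff --git a/include/string.h b/include/string.h
index 9cb0598..75dadab 100644
--- a/include/string.h
+++ b/include/string.h
@@ -189,19 +189,17 @@ _FORTIFY_FN(stpncpy) char *stpncpy(char * _FORTIFY_POS0 __d, const char *__s,
 #if __has_builtin(__builtin___stpncpy_chk) && USE_NATIVE_CHK
  return __builtin___stpncpy_chk(__d, __s, __n, __fh_bos(__d, 0));
 #else
-#if 0
- // They check overlap across the whole range of the given length, but
- // the given length is not what will actually be copied, rather it's
- // the maximum length (if src is shorter, only length of src will be
- // copied). This triggers false positives and traps where it shouldn't
- // (e.g. in ICU tests).
- if (__fh_overlap(__d, __s, __n))
+ __fh_size_t max_len_s = strnlen(__s, __n);
+ if (__fh_overlap(__d, max_len_s, __s, max_len_s))
  __builtin_trap();
-#endif
 
+ // If the length strlen(src) is smaller than n, the remaining
+ // characters in the array pointed to by dest are filled with null
+ // bytes ('\0')
  __fh_size_t __b = __fh_bos(__d, 0);
- if (__n > __b && strlen(__s) + 1 > __b)
+ if (__n > __b)
  __builtin_trap();
+
  return __orig_stpncpy(__d, __s, __n);
 #endif
 }
@@ -297,19 +295,16 @@ _FORTIFY_FN(strncpy) char *strncpy(char * _FORTIFY_POS0 __d,
 #if __has_builtin(__builtin___strncpy_chk) && USE_NATIVE_CHK
  return __builtin___strncpy_chk(__d, __s, __n, __fh_bos(__d, 0));
 #else
-#if 0
- // They check overlap across the whole range of the given length, but
- // the given length is not what will actually be copied, rather it's
- // the maximum length (if src is shorter, only length of src will be
- // copied). This triggers false positives and traps where it shouldn't
- // (e.g. in ICU tests).
- if (__fh_overlap(__d, __s, __n))
+ __fh_size_t max_len_s = strnlen(__s, __n);
+ if (__fh_overlap(__d, max_len_s, __s, max_len_s))
  __builtin_trap();
-#endif
 
+ // If the length of src is less than n, strncpy() writes additional
+ // null bytes to dest to ensure that a total of n bytes are written.
  __fh_size_t __b = __fh_bos(__d, 0);
  if (__n > __b)
  __builtin_trap();
+
  return __orig_strncpy(__d, __s, __n);
 #endif
 }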
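Review bot: The re-enabled overlap test in both stpncpy and strncpy compares only `strnlen(__s, __n)` bytes on each side, yet, as the added comments themselves say, the call still writes all `__n` bytes to `__d` and has to read the source terminator. Assuming `__fh_overlap` compares the two ranges it is given, a short source lying inside the NUL-padded tail of the destination, or a destination that begins on the source's terminator, is not trapped. If that is a deliberate trade-off against the false positives the removed comment described, it should be stated at the check, e.g. `// overlap is tested over the copied characters only; NUL padding and the terminator are not covered`. Separately, `max_len_s` is an unreserved identifier in a public header, so a user macro of that name would break the wrapper; `__max_len_s` would match `__b`, `__d` and `__s`. Both function bodies begin before the hunks shown.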
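diff --git a/tests/test_stpncpy_dynamic_write.c b/tests/test_stpncpy_dynamic_write.c
index 8fbfe7e..14f6fd9 100644
--- a/tests/test_stpncpy_dynamic_write.c
+++ b/tests/test_stpncpy_dynamic_write.c
@@ -3,8 +3,9 @@
 #include <string.h>
 
 int main(int argc, char** argv) {
- char buffer[8] = {0};
- stpncpy(buffer, "1234567", 5);
+ char buffer[] = {'A', 'B', 'C', 'D', 'E', 'F', '\0'};
+
+ stpncpy(buffer, "1234567", 3);
  puts(buffer);
 
  CHK_FAIL_START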
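diff --git a/tests/test_stpncpy_overwrite_over.c b/tests/test_stpncpy_overwrite_over.c
index 004e2b8..21c88ce 100644
--- a/tests/test_stpncpy_overwrite_over.c
+++ b/tests/test_stpncpy_overwrite_over.c
@@ -3,15 +3,16 @@
 #include <string.h>
 
 int main(int argc, char** argv) {
-#if 0
  char buffer[9] = {'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', '\0'};
  puts(buffer);
 
+ stpncpy(buffer, buffer+5, 2);
+ puts(buffer);
+
  CHK_FAIL_START
  stpncpy(buffer+1, buffer, 5);
  CHK_FAIL_END
 
  puts(buffer);
-#endif
  return ret;
 }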
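Review bot: The newly added passing call `stpncpy(buffer, buffer+5, 2)` keeps `n` no larger than the source string, so it would also have passed a whole-`n` overlap window and does not exercise what the strnlen-based check in include/string.h changes. A case where the source is shorter than `n` and only its unread tail reaches the destination would pin that behaviour, e.g. `char b[16] = "AAA"; stpncpy(b+5, b, 8);` expected not to trap. The same gap applies to the passing calls added in tests/test_stpncpy_overwrite_under.c and tests/test_strncpy_overwrite_over.c.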
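diff --git a/tests/test_stpncpy_overwrite_under.c b/tests/test_stpncpy_overwrite_under.c
index 845ae29..3b435de 100644
--- a/tests/test_stpncpy_overwrite_under.c
+++ b/tests/test_stpncpy_overwrite_under.c
@@ -3,15 +3,17 @@
 #include <string.h>
 
 int main(int argc, char** argv) {
-#if 0
  char buffer[9] = {'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', '\0'};
  puts(buffer);
 
+ stpncpy(buffer+5, buffer, 2);
+ puts(buffer);
+
+ char buffer2[] = {'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', '\0'};
  CHK_FAIL_START
- stpncpy(buffer-1, buffer, 5);
+ stpncpy(buffer2-1, buffer2, 5);
  CHK_FAIL_END
 
- puts(buffer);
-#endif
+ puts(buffer2);
  return ret;
 }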
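Review bot: The expected-failure call `stpncpy(buffer2-1, buffer2, 5)` forms a pointer one element before the start of `buffer2`, which is undefined before the wrapper even runs, so what `__fh_bos` reports for it, and whether the trap comes from the overlap test or the size test, is left to the compiler. Keeping both pointers inside one array makes the test well defined and aims it at the overlap check alone, e.g. `char buffer2[10] = "AAAABBBB";` followed by `stpncpy(buffer2, buffer2+1, 5);`.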
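diff --git a/tests/test_strncpy_overwrite_over.c b/tests/test_strncpy_overwrite_over.c
index 94b6d2b..d99d270 100644
--- a/tests/test_strncpy_overwrite_over.c
+++ b/tests/test_strncpy_overwrite_over.c
@@ -3,15 +3,20 @@
 #include <string.h>
 
 int main(int argc, char** argv) {
-#if 0
  char buffer[9] = {'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', '\0'};
  puts(buffer);
 
+ strncpy(buffer, buffer+4, 1);
+ puts(buffer);
+
+ strncpy(buffer+6, buffer, 1);
+ puts(buffer);
+
+ char buffer2[9] = {'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', '\0'};
  CHK_FAIL_START
- strncpy(buffer+1, buffer, 5);
+ strncpy(buffer2+1, buffer2, 5);
  CHK_FAIL_END
 
- puts(buffer);
-#endif
+ puts(buffer2);
  return ret;
 }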
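diff --git a/tests/test_strncpy_overwrite_under.c b/tests/test_strncpy_overwrite_under.c
index 8a0a4af..f554b28 100644
--- a/tests/test_strncpy_overwrite_under.c
+++ b/tests/test_strncpy_overwrite_under.c
@@ -3,7 +3,6 @@
 #include <string.h>
 
 int main(int argc, char** argv) {
-#if 0
  char buffer[9] = {'A', 'A', 'A', 'A', 'B', 'B', 'B', 'B', '\0'};
  puts(buffer);
 
@@ -12,6 +11,5 @@ int main(int argc, char** argv) {
  CHK_FAIL_END
 
  puts(buffer);
-#endif
  return ret;
 }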