[PATCH] weston-launch: Fixed TTY switching

Bill Spitzak spitzak at gmail.com
Wed Apr 8 15:24:44 PDT 2015

On 04/08/2015 02:35 PM, Daniel Stone wrote:

>     The best solution is to use strlcpy.
>     If politics make that impossible, use snprintf(dest, len, "%s", src)
>     which is exactly the same as strlcpy, including the return value!
>     (imagine that...)
> It's not the politics, it's that silently truncating a filename you're
> hoping to use will at best pick a non-existent file, and at worst pick a
> totally different/unrelated file.

Except strncpy and snprintf also "silently truncate the filename" so it 
is politics because those functions exist.

And strlcpy and snprintf are not really "silent": you can check if the 
return value is greater than the buffer size and know if truncation 

> To be honest though, I'd prefer the library entrypoint existed so the
> intention was clear, making it easier to audit for and spot this
> horrendous anti-pattern.

Maybe something like fopen(filename(a,b,c,NULL),...). But in C this is 
going to have to return a TLS buffer, I guess.

More information about the wayland-devel mailing list