i386: Remove memset_chk-nonshared.S
[glibc.git] / string / strlcat.c
blobdce4c255d1d6e5b7dd96b2b19ab1d54d6a7bf7df
1 /* Append a null-terminated string to another string, with length checking.
2 Copyright (C) 2023 Free Software Foundation, Inc.
3 This file is part of the GNU C Library.
5 The GNU C Library is free software; you can redistribute it and/or
6 modify it under the terms of the GNU Lesser General Public
7 License as published by the Free Software Foundation; either
8 version 2.1 of the License, or (at your option) any later version.
10 The GNU C Library is distributed in the hope that it will be useful,
11 but WITHOUT ANY WARRANTY; without even the implied warranty of
12 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
13 Lesser General Public License for more details.
15 You should have received a copy of the GNU Lesser General Public
16 License along with the GNU C Library; if not, see
17 <https://www.gnu.org/licenses/>. */
19 #include <stdint.h>
20 #include <string.h>
22 size_t
23 __strlcat (char *__restrict dest, const char *__restrict src, size_t size)
25 size_t src_length = strlen (src);
27 /* Our implementation strlcat supports dest == NULL if size == 0
28 (for consistency with snprintf and strlcpy), but strnlen does
29 not, so we have to cover this case explicitly. */
30 if (size == 0)
31 return src_length;
33 size_t dest_length = __strnlen (dest, size);
34 if (dest_length != size)
36 /* Copy at most the remaining number of characters in the
37 destination buffer. Leave for the NUL terminator. */
38 size_t to_copy = size - dest_length - 1;
39 /* But not more than what is available in the source string. */
40 if (to_copy > src_length)
41 to_copy = src_length;
43 char *target = dest + dest_length;
44 memcpy (target, src, to_copy);
45 target[to_copy] = '\0';
48 /* If the sum wraps around, we have more than SIZE_MAX + 2 bytes in
49 the two input strings (including both null terminators). If each
50 byte in the address space can be assigned a unique size_t value
51 (which the static_assert checks), then by the pigeonhole
52 principle, the two input strings must overlap, which is
53 undefined. */
54 _Static_assert (sizeof (uintptr_t) == sizeof (size_t),
55 "theoretical maximum object size covers address space");
56 return dest_length + src_length;
58 libc_hidden_def (__strlcat)
59 weak_alias (__strlcat, strlcat)