wcsmbs/wcslcat.c

   1 /* Append a null-terminated wide string to another, with length checking.
   2    Copyright (C) 2023-2024 Free Software Foundation, Inc.
   3    This file is part of the GNU C Library.
   4
   5    The GNU C Library is free software; you can redistribute it and/or
   6    modify it under the terms of the GNU Lesser General Public
   7    License as published by the Free Software Foundation; either
   8    version 2.1 of the License, or (at your option) any later version.
   9
  10    The GNU C Library is distributed in the hope that it will be useful,
  11    but WITHOUT ANY WARRANTY; without even the implied warranty of
  12    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
  13    Lesser General Public License for more details.
  14
  15    You should have received a copy of the GNU Lesser General Public
  16    License along with the GNU C Library; if not, see
  17    <https://www.gnu.org/licenses/>.  */
  18
  19 #include <stdint.h>
  20 #include <wchar.h>
  21
  22 size_t
  23 __wcslcat (wchar_t *__restrict dest, const wchar_t *__restrict src,
  24            size_t size)
  25 {
  26   size_t src_length = __wcslen (src);
  27
  28   /* Our implementation strlcat supports dest == NULL if size == 0
  29      (for consistency with snprintf and strlcpy), but wcsnlen does
  30      not, so we have to cover this case explicitly.  */
  31   if (size == 0)
  32     return src_length;
  33
  34   size_t dest_length = __wcsnlen (dest, size);
  35   if (dest_length != size)
  36     {
  37       /* Copy at most the remaining number of characters in the
  38          destination buffer.  Leave for the null terminator.  */
  39       size_t to_copy = size - dest_length - 1;
  40       /* But not more than what is available in the source string.  */
  41       if (to_copy > src_length)
  42         to_copy = src_length;
  43
  44       wchar_t *target = dest + dest_length;
  45       __wmemcpy (target, src, to_copy);
  46       target[to_copy] = '\0';
  47     }
  48
  49   /* If the sum wraps around, we have more than SIZE_MAX + 2 bytes in
  50      the two input strings (including both null terminators).  If each
  51      byte in the address space can be assigned a unique size_t value
  52      (which the static_assert checks), then by the pigeonhole
  53      principle, the two input strings must overlap, which is
  54      undefined.  */
  55   _Static_assert (sizeof (uintptr_t) == sizeof (size_t),
  56                   "theoretical maximum object size covers address space");
  57   return dest_length + src_length;
  58 }
  59 libc_hidden_def (__wcslcat)
  60 weak_alias (__wcslcat, wcslcat)