Where is strnlen() ?

[Giorgos Keramidas]

On 2004-08-11 20:38, "Thordur Ivar B." <thib at mi.is> wrote:
> On Wed, 11 Aug 2004 13:03:23 -0700 Kris Kennaway <kris at obsecurity.org> wrote:
> > On Wed, Aug 11, 2004 at 07:32:54PM +0000, Thordur Ivar B. wrote:
> > > While porting software from a friend wich was developed under Linux, I
> > > stumbled upon an error: src/socket.c:236: warning: implicit declaration of
> > > function`strnlen'
> > >
> > > Now my programming experience is nothing to brag about but I wonder why
> > > strnlen is not a part of FreeBSD's libc. [...]
> >
> > That's not a standard function outside the Linux world, and it's not
> > very necessary for security..no matter how you calculate the string
> > size, you still have to have your brain engaged when you copy it into
> > the destination buffer.
>
> A notable point. Still I would think that strnlen is a pretty neat
> functions to avoid dumb mistakes (actually malformed code.) But since
> it is non-standard, I guess I will have to "turn my brain on" ;>

Malformed code that depends on a particular string buffer limit should
probably use that buffer limit when copying the string too.  I mean, if
you already know what the maximum allowed length of the string is why
would you want a library call to tell you about it? ;-)

As someone else posted already, this would probably be useful in code
that includes structures with predefined size limits, i.e.:

	struct buf {
		size_t	b_len;
		char	b_data[BUFLEN];;
	};

But in this case you already know the maximum length of the b_data field
and there's no need for strnlen() to tell you about it.

The pessimization that results from always copying BUFLEN bytes from
b_data members instead of the "useful" part of the string buffer is the
price that the careless programmer has to pay for forgetting to check
for proper string termination, I guess.

Instead of introducing new non-standard functions let's fix the broken
programs :)