qstrncpy: NUL-terminate even when src is nullptr

The goal of this function is to ensure that dst is _always_ NUL-terminated. The only exception is if there's no space to write even one NUL byte, of course, but not when src is nullptr but dst would have space. Update the docs to the new behavior and make them more precise. Fix a test that assumed qstrncpy() would not write to dst for (dst, nullptr, 10). [ChangeLog][QtCore][qstrncpy()] Now NUL-terminates the target buffer even when the source pointer is nullptr, provided the target buffer has space for at least one byte. Change-Id: I7806d8c71e260f8f02b79af7b6ce94f23599dd69 Reviewed-by: Qt CI Bot <qt_ci_bot@qt-project.org> Reviewed-by: Thiago Macieira <thiago.macieira@intel.com> (cherry picked from commit 05f913d57d6557d1c540894651cc83a5b1ec7cf7) Reviewed-by: Qt Cherry-pick Bot <cherrypick_bot@qt-project.org>
2023-02-16 15:48:17 +01:00 · 2023-02-16 15:48:17 +01:00 · f59731b4fb
commit f59731b4fb
parent ad70a5c682
2 changed files with 12 additions and 7 deletions
--- a/src/corelib/text/qbytearray.cpp
+++ b/src/corelib/text/qbytearray.cpp
@ -114,9 +114,9 @@ char *qstrcpy(char *dst, const char *src)
    A safe \c strncpy() function.

    Copies at most \a len bytes from \a src (stopping at \a len or the
-    terminating '\\0' whichever comes first) into \a dst and returns a
-    pointer to \a dst. Guarantees that \a dst is '\\0'-terminated. If
-    \a src or \a dst is \nullptr, returns \nullptr immediately.
+    terminating '\\0' whichever comes first) into \a dst. Guarantees that \a
+    dst is '\\0'-terminated, except when \a dst is \nullptr or \a len is 0. If
+    \a src is \nullptr, returns \nullptr, otherwise returns \a dst.

    This function assumes that \a dst is at least \a len characters
    long.
@ -128,9 +128,11 @@ char *qstrcpy(char *dst, const char *src)

 char *qstrncpy(char *dst, const char *src, size_t len)
 {
-    if (!src || !dst)
-        return nullptr;
-    if (len > 0) {
+    if (dst && len > 0) {
+        if (!src) {
+            *dst = '\0';
+            return nullptr;
+        }
 #ifdef Q_CC_MSVC
        strncpy_s(dst, len, src, len - 1);
 #else
@ -138,7 +140,7 @@ char *qstrncpy(char *dst, const char *src, size_t len)
 #endif
        dst[len-1] = '\0';
    }
-    return dst;
+    return src ? dst : nullptr;
 }

 /*! \fn size_t qstrlen(const char *str)
--- a/tests/auto/corelib/text/qbytearray/tst_qbytearray.cpp
+++ b/tests/auto/corelib/text/qbytearray/tst_qbytearray.cpp
@ -740,7 +740,10 @@ void tst_QByteArray::qstrncpy()

    // src == nullptr
    QCOMPARE(::qstrncpy(dst.data(), 0,  0), (char*)0);
+    QCOMPARE(*dst.data(), 'b'); // must not have written to dst
    QCOMPARE(::qstrncpy(dst.data(), 0, 10), (char*)0);
+    QCOMPARE(*dst.data(), '\0'); // must have written to dst
+    *dst.data() = 'b'; // restore

    // valid pointers, but len == 0
    QCOMPARE(::qstrncpy(dst.data(), src.data(), 0), dst.data());