From ea99ca801e63268479f91e94c5bcaea69d5a8751 Mon Sep 17 00:00:00 2001
From: "Rob Swindell (on ChromeOS)" <rob@synchro.net>
Date: Thu, 26 Jan 2023 23:36:11 -0800
Subject: [PATCH] Add XSAFECOPY (extra safe copy) that won't pass NULL to
 strncpy()

The previous (reverted) change to SAFECOPY would double-resolve the (src)
argument and caused weird side effects.

Again, removes SAFECOPY_USES_SPRINTF since it was unused.
---
 src/xpdev/gen_defs.h | 6 ++----
 1 file changed, 2 insertions(+), 4 deletions(-)

diff --git a/src/xpdev/gen_defs.h b/src/xpdev/gen_defs.h
index be3a930fbb..b116e23468 100644
--- a/src/xpdev/gen_defs.h
+++ b/src/xpdev/gen_defs.h
@@ -430,11 +430,9 @@ typedef struct {
 #define TERMINATE(str)                      str[sizeof(str)-1]=0
 
 /* This is a bound-safe version of strcpy basically - only works with fixed-length arrays */
-#ifdef SAFECOPY_USES_SPRINTF
-#define SAFECOPY(dst,src)                   sprintf(dst,"%.*s",(int)sizeof(dst)-1,src)
-#else   /* strncpy is faster */
 #define SAFECOPY(dst,src)                   (strncpy(dst,src,sizeof(dst)), TERMINATE(dst))
-#endif
+/* Extra-safe SAFECOPY doesn't pass NULL-pointer to strncpy */
+#define XSAFECOPY(dst,src)                  (strncpy(dst,(src)==NULL?"(null)":(src),sizeof(dst)), TERMINATE(dst))
 
 #define SAFECAT(dst, src) do { \
 	if(strlen((char*)(dst)) + strlen((char*)(src)) < sizeof(dst)) { \
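Review bot: XSAFECOPY still evaluates `src` twice, once in the `(src)==NULL` test and once as the copied value, so an argument with side effects (a function call, `p++`) would run twice. This is the same double-resolution the commit message gives as the reason the earlier SAFECOPY change was reverted. Nothing at the definition warns about it; I would extend the comment to `/* Extra-safe SAFECOPY doesn't pass NULL-pointer to strncpy; evaluates src twice, so pass only side-effect-free expressions */`, or route `src` through a small static helper function that does the NULL substitution so the macro expands it only once. Separately, once copied, the `"(null)"` substitute is indistinguishable from real data, so callers that store or compare the result (names, paths) should probably still check for NULL themselves.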
-- 
GitLab