Roll back uintptr_t cast changes after discussions with tedu, otto and

others. C11 6.5.6.9 says: When two pointers are subtracted, both shall point to elements of the same array object, or one past the last element of the array object; the result is the difference of the subscripts of the two array elements. In these cases the objects are arrays of char so the result is defined, and we believe that the report is based on a compiler incorrectly trapping on defined behaviour.
7 years ago · 741ef92d20
--- a/src/lib/libc/string/strlcat.c
+++ b/src/lib/libc/string/strlcat.c
@ -1,4 +1,4 @@
 /*	$OpenBSD: strlcat.c,v 1.17 2016/10/14 18:19:04 dtucker Exp $	*/
 /*	$OpenBSD: strlcat.c,v 1.18 2016/10/16 17:37:39 dtucker Exp $	*/

 /*
 * Copyright (c) 1998, 2015 Todd C. Miller <Todd.Miller@courtesan.com>
@ -18,7 +18,6 @@

 #include <sys/types.h>
 #include <string.h>
 #include <stdint.h>

 /*
 * Appends src to string dst of size dsize (unlike strncat, dsize is the
@ -38,7 +37,7 @@ strlcat(char *dst, const char *src, size_t dsize)
 	/* Find the end of dst and adjust bytes left but don't go past end. */
 	while (n-- != 0 && *dst != '\0')
 		dst++;
 	dlen = (uintptr_t)dst - (uintptr_t)odst;
 	dlen = dst - odst;
 	n = dsize - dlen;

 	if (n-- == 0)
@ -52,11 +51,6 @@ strlcat(char *dst, const char *src, size_t dsize)
 	}
 	*dst = '\0';

        /*
 	 * Cast pointers to unsigned type before calculation, to avoid signed
 	 * overflow when the string ends where the MSB has changed.
 	 * Return value does not include NUL.
 	 */
 	return (dlen + ((uintptr_t)src - (uintptr_t)osrc));
 	return(dlen + (src - osrc));	/* count does not include NUL */
 }
 DEF_WEAK(strlcat);
--- a/src/lib/libc/string/strlcpy.c
+++ b/src/lib/libc/string/strlcpy.c
@ -1,4 +1,4 @@
 /*	$OpenBSD: strlcpy.c,v 1.14 2016/10/14 18:19:04 dtucker Exp $	*/
 /*	$OpenBSD: strlcpy.c,v 1.15 2016/10/16 17:37:39 dtucker Exp $	*/

 /*
 * Copyright (c) 1998, 2015 Todd C. Miller <Todd.Miller@courtesan.com>
@ -18,7 +18,6 @@

 #include <sys/types.h>
 #include <string.h>
 #include <stdint.h>

 /*
 * Copy string src to buffer dst of size dsize.  At most dsize-1
@ -47,11 +46,6 @@ strlcpy(char *dst, const char *src, size_t dsize)
 			;
 	}

 	/*
 	 * Cast pointers to unsigned type before calculation, to avoid signed
 	 * overflow when the string ends where the MSB has changed.
 	 * Return value does not include NUL.
 	 */
 	return((uintptr_t)src - (uintptr_t)osrc - 1); 
 	return(src - osrc - 1);	/* count does not include NUL */
 }
 DEF_WEAK(strlcpy);
--- a/src/lib/libc/string/strnlen.c
+++ b/src/lib/libc/string/strnlen.c
@ -1,4 +1,4 @@
 /*	$OpenBSD: strnlen.c,v 1.7 2016/10/14 18:19:04 dtucker Exp $	*/
 /*	$OpenBSD: strnlen.c,v 1.8 2016/10/16 17:37:39 dtucker Exp $	*/

 /*
 * Copyright (c) 2010 Todd C. Miller <Todd.Miller@courtesan.com>
@ -19,7 +19,6 @@
 #include <sys/types.h>

 #include <string.h>
 #include <stdint.h>

 size_t
 strnlen(const char *str, size_t maxlen)
@ -29,10 +28,6 @@ strnlen(const char *str, size_t maxlen)
 	for (cp = str; maxlen != 0 && *cp != '\0'; cp++, maxlen--)
 		;

 	/*
 	 * Cast pointers to unsigned type before calculation, to avoid signed
 	 * overflow when the string ends where the MSB has changed.
 	 */
 	return (size_t)((uintptr_t)cp - (uintptr_t)str);
 	return (size_t)(cp - str);
 }
 DEF_WEAK(strnlen);