lib/string/: Use array notation with forward declarations

alejandro-colomar · alejandro-colomar · commit 087d85eda1eb · 2025-02-08T14:17:48.000+01:00
GNU C has an extension which allows to forward-declare parameters, so that array notation can be used with sizes that are defined after the array itself. This improves the safety of such arrays, by telling the compiler the bounds of the array. This feature has been proposed for standardization in C2y as n3394. Link: n3394 <https://www.open-std.org/jtc1/sc22/wg14/www/docs/n3394.pdf> Cc: Martin Uecker <uecker@tugraz.at> Signed-off-by: Alejandro Colomar <alx@kernel.org>
diff --git a/lib/string/sprintf/snprintf.c b/lib/string/sprintf/snprintf.c
@@ -10,7 +10,7 @@
 #include <stddef.h>
 
 
-extern inline int snprintf_(char *restrict s, size_t size,
-    const char *restrict fmt, ...);
-extern inline int vsnprintf_(char *restrict s, size_t size,
-    const char *restrict fmt, va_list ap);
+extern inline int snprintf_(size_t size;
+    char s[restrict size], size_t size, const char *restrict fmt, ...);
+extern inline int vsnprintf_(size_t size;
+    char s[restrict size], size_t size, const char *restrict fmt, va_list ap);
diff --git a/lib/string/sprintf/snprintf.h b/lib/string/sprintf/snprintf.h
@@ -23,15 +23,16 @@
 
 
 format_attr(printf, 3, 4)
-inline int snprintf_(char *restrict s, size_t size, const char *restrict fmt,
-    ...);
+inline int snprintf_(size_t size;
+    char s[restrict size], size_t size, const char *restrict fmt, ...);
 format_attr(printf, 3, 0)
-inline int vsnprintf_(char *restrict s, size_t size, const char *restrict fmt,
-    va_list ap);
+inline int vsnprintf_(size_t size;
+    char s[restrict size], size_t size, const char *restrict fmt, va_list ap);
 
 
 inline int
-snprintf_(char *restrict s, size_t size, const char *restrict fmt, ...)
+snprintf_(size_t size;
+    char s[restrict size], size_t size, const char *restrict fmt, ...)
 {
 	int      len;
 	va_list  ap;
@@ -45,7 +46,8 @@ snprintf_(char *restrict s, size_t size, const char *restrict fmt, ...)
 
 
 inline int
-vsnprintf_(char *restrict s, size_t size, const char *restrict fmt, va_list ap)
+vsnprintf_(size_t size;
+    char s[restrict size], size_t size, const char *restrict fmt, va_list ap)
 {
 	int  len;
 
diff --git a/lib/string/strcpy/strtcpy.c b/lib/string/strcpy/strtcpy.c
@@ -10,5 +10,5 @@
 #include "string/strcpy/strtcpy.h"
 
 
-extern inline ssize_t strtcpy(char *restrict dst, const char *restrict src,
-    size_t dsize);
+extern inline ssize_t strtcpy(size_t dsize;
+    char dst[restrict dsize], const char *restrict src, size_t dsize);
diff --git a/lib/string/strcpy/strtcpy.h b/lib/string/strcpy/strtcpy.h
@@ -48,12 +48,13 @@
 
 
 ATTR_STRING(2)
-inline ssize_t strtcpy(char *restrict dst, const char *restrict src,
-    size_t dsize);
+inline ssize_t strtcpy(size_t dsize;
+    char dst[restrict dsize], const char *restrict src, size_t dsize);
 
 
 inline ssize_t
-strtcpy(char *restrict dst, const char *restrict src, size_t dsize)
+strtcpy(size_t dsize;
+    char dst[restrict dsize], const char *restrict src, size_t dsize)
 {
 	bool    trunc;
 	size_t  dlen, slen;
