On Do, 2007-11-15 at 17:35 +0100, Stefan Dösinger wrote:

• memset(dest, 'X', sizeof(dest));
• ret = pstrcpy_s(dest, sizeof(dest), small);
• ok(ret == 0, "Copying a string into a big enough destination

returned %d, expected 0\n", ret);

• ok(dest[0] == 's' && dest[1] == 'm' && dest[2] == 'a' && dest[3]

== 'l' &&

•   dest[4] == 'l' && dest[5] == '\0'&& dest[6] == 'X' && dest[7]
  

== 'X',

Is it really needed to check the memory after the end of the string? Does an application depend on this?

--- cut --- memset(dest, 'X', sizeof(dest)-1); /* never read past the buffer, when we check the result */ dest[sizeof(dest)-1] = '\0';

ret = pstrcpy_s(dest, sizeof(dest), small); ok( !ret && !lstrcmpA(dest, small), "got %d and '%s' (expected '0' and '%s')\n", ret, dest, small);

-- cut --

For my tests with buffers, i found it useful to test with: - buffer present, but size is 0 - buffer one byte smaller as the string (no space left for the '\0') - buffer large enough for the string, but no space left for the '\0' - buffer exact as needed - buffer one byte larger as needed - empty source string - NULL source - NULL target

This allow you to verify, how the terminating '\0' is handled.

Did you test with invalid pointers (crash / handled graceful)?