[MPlayer-dev-eng] [PATCH] input.c: optimize mp_cmd list.

[Reimar Döffinger]

On Sun, Feb 14, 2016 at 01:00:57PM +0100, Reimar Döffinger wrote:
> On Sun, Feb 14, 2016 at 12:19:21AM +0100, Ingo Brückl wrote:
> > Reimar Döffinger wrote on Sat, 13 Feb 2016 23:44:42 +0100:
> > 
> > > the normal avstrlcpy etc. would just silently truncate.
> > 
> > Isn't code not working preferable to code presumably crashing?
> 
> Not working is not working.
> The only things making a difference there is security
> concerns and ease of debugging/fixing.
> Crashing loses in case the former exists, but it clearly
> wins in the second one.
> So actually, I generally consider a safe crash a good thing.
> That said, I was rather thinking of something like below,
> if that looks good to you (it could also check for NULL termination
> or alternatively use memcpy, I haven't thought that through):
> --- a/input/input.h
> +++ b/input/input.h
> @@ -201,6 +201,11 @@ typedef enum {
>  #define MP_MAX_KEY_DOWN 8
>  #endif
>  
> +#define ARRAY_STRCPY(d, s) do { \
> +    typedef char dst_size_check[(sizeof(d) >= sizeof(s))*2-1]; \
> +    strcpy(&(d), &(s)); \
> +} while(0)
> +
>  typedef union mp_cmd_arg_value {
>    int i;
>    float f;

More reliable, warning-free version using a bit of C11:
#if (defined(__GNUC__) && (__GNUC__ * 100 + __GNUC_MINOR__ >= 460)) || \
    (defined(__clang__) && (__clang_major__ * 100 + __clang_minor__ >= 306))
// The type checks are pretty horrible but the only reliable method,
// checking type of d is char[sizeof(d)] doesn't work in gcc for example
#define ARRAY_STRCPY(d, s) do { \
    _Static_assert(sizeof(d) >= sizeof(s), "Destination array too small!"); \
    _Static_assert(_Generic(&(d), char(*)[]:1, default:0), "Destination not an array!"); \
    _Static_assert(_Generic(&(s), char(*)[]:1, default:0), "Source not an array!"); \
    memcpy(d, s, sizeof(s)); \
} while(0)
#else
#define ARRAY_STRCPY(d, s) memcpy(d, s, sizeof(s))
#endif