use strnlen_s instead of strnlen if available

[razr]

use strnlen_s instead of strnlen if available. VxWorks has only strnlen_s

[fujitatomoya]

basically i am not inclined to take this C non-standard for portability, but there are already __STDC_LIB_EXT1__ so that should not block this PR.

(note) in other way, how about adding memchr(string, '\0', max_string);? and that can avoid calling strnlen_s? so that we can remove __STDC_LIB_EXT1__.

[fujitatomoya]

is this required to define here? it looks like rcutils/error_handling.h already has defined that.

[razr]

this example says that the define shall be before the #include <string.h>. I'm not sure whether it is good to rely on what was defined in other headers.

#define __STDC_WANT_LIB_EXT1__ 1
#include <string.h>
#include <stdio.h>
 
int main(void)
{
    const char str[] = "How many characters does this string contain?";
 
    printf("without null character: %zu\n", strlen(str));
    printf("with null character:    %zu\n", sizeof str);
 
#ifdef __STDC_LIB_EXT1__
    printf("without null character: %zu\n", strnlen_s(str, sizeof str));
#endif
}

[fujitatomoya]

same here? there is even #define __STDC_WANT_LIB_EXT1__ 1 in line 35. probably we need to move the #include <rcutils/error_handling.h> to above?

[razr]

I don't have a strong opinion on it. I let you decide. I have looked into ROS coding guide. It is based on the Google C++ Style Guide. And in the Google C++ Style Guide, the header order is as follows:

dir2/foo2.h (a header corresponding to your cpp file)
A blank line
C system headers (more precisely: headers in angle brackets with the .h extension), e.g., <unistd.h>, <stdlib.h>.
A blank line
C++ standard library headers (without file extension), e.g., , .
A blank line
Other libraries' .h files.
A blank line
Your project's .h files.

It looks to me that in all project headers, the other project headers shall be included in the end.

[fujitatomoya]

@razr thanks for the PR, DCO is failing. could you address it with comments?

[razr]

Sorry, I've missed the DSO, will update it. Thank you for pointing it out.

[clalancette]

So I left one thing that I think we should change.

That said, strnlen_s doesn't seem to be a widely implemented piece of the C11 standard (it is optional, and apparently most compilers don't implement it). Regular strnlen can also be trivially implemented by calling memchr(s, '\0', n) instead. See https://stackoverflow.com/questions/66346502/which-is-most-standard-strnlen-or-strnlen-s for some details on all of this.

My suggestion here is we do something slightly different, and introduce rcutils_strnlen. It would be implemented by calling memchr instead, and then we could call that everywhere (this would also let us remove some conditional code in include/rcutils/error_handling.h. Thoughts?

[clalancette]

I ended up implementing this with memchr in 6349f20 . @razr Can you take a look and see if this will work for you on VxWorks?

[razr]

@clalancette it works on VxWorks. LGTM.

[clalancette]

@clalancette it works on VxWorks. LGTM.

All right, sounds good. Can you please rebase this PR and add a Signed-off-by line to your commit? Once that is done, I'll rebase this on the latest and run CI.