Quoth Florian Weimer on Thu, Feb 14, 2002:
> Philip Hazel <ph10@???> writes:
> > The author of the patch uses strncpy(a,b,n) to mean "copy string b
> > to buffer a, which is of length n". This is actually not sensible if
> > n is a lot larger than the length of string b. The reason it is not
> > sensible is that strncpy() insists on padding out the destination
> > buffer with binary zeros to the length given.
This sounds weird.
> strncpy() has a far more serious problem: It does not write a
> terminating zero if the buffer is full. This means that buffer
> overflows can occur later in unexpected places.
True.
But one can always borrow strlcpy(3) from OpenBSD. This function
was written especially to avoid problems with strncpy(3).
Source:
ftp://ftp.openbsd.org/pub/OpenBSD/src/lib/libc/string/strlcpy.c
ftp://ftp.openbsd.org/pub/OpenBSD/src/lib/libc/string/strlcpy.3
Man page in HTML format:
http://www.openbsd.org/cgi-bin/man.cgi?query=strlcpy&apropos=0&sektion=0&manpath=OpenBSD+Current&arch=i386&format=html
Vadik.
--
Any language that involves exposing private parts to friends is a
tad suspect...
-- Geoff Lane in the Monastery, about C++
