#107 improper use of strncpy in proto_fics.cc

closed-fixed
Felipe Bergo
None
1
2007-01-19
2007-01-18
Anonymous
No

proto_fics.cc uses strncpy in several places, but in all except one place the usage is flawed - strncpy should be used with sizeof(dest)-1 length, and the last char should be set to null, because there's no gurantee that the resulting string dest will be terminated if it's truncuted. e.g.:

strncpy(dest, src, sizeof(dest)-1)[sizeof(dest)-1]='\0';

except the first time, all places use sizeof(dest) and don't set null.

Best, imho, is to give up on strncpy and use strlcpy, which is both faster and easier to use. glib offers a version of strlcpy (named g_strlcpy), it will look like:
strlcpy(dest, src, sizeof(dest));

Discussion

  • Felipe Bergo
    Felipe Bergo
    2007-01-19

    • priority: 5 --> 1
    • assigned_to: nobody --> bergo
    • status: open --> closed-fixed
     
  • Felipe Bergo
    Felipe Bergo
    2007-01-19

    Logged In: YES
    user_id=23863
    Originator: NO

    Wasn't causing any real trouble, but all strncpy's converted to g_strlcpy in the CVS.