#107 improper use of strncpy in proto_fics.cc

closed-fixed
None
1
2007-01-19
2007-01-18
Anonymous
No

proto_fics.cc uses strncpy in several places, but in all except one place the usage is flawed - strncpy should be used with sizeof(dest)-1 length, and the last char should be set to null, because there's no gurantee that the resulting string dest will be terminated if it's truncuted. e.g.:

strncpy(dest, src, sizeof(dest)-1)[sizeof(dest)-1]='\0';

except the first time, all places use sizeof(dest) and don't set null.

Best, imho, is to give up on strncpy and use strlcpy, which is both faster and easier to use. glib offers a version of strlcpy (named g_strlcpy), it will look like:
strlcpy(dest, src, sizeof(dest));

Discussion

  • Felipe Bergo

    Felipe Bergo - 2007-01-19
    • priority: 5 --> 1
    • assigned_to: nobody --> bergo
    • status: open --> closed-fixed
     
  • Felipe Bergo

    Felipe Bergo - 2007-01-19

    Logged In: YES
    user_id=23863
    Originator: NO

    Wasn't causing any real trouble, but all strncpy's converted to g_strlcpy in the CVS.

     

Log in to post a comment.

Get latest updates about Open Source Projects, Conferences and News.

Sign up for the SourceForge newsletter:

JavaScript is required for this form.





No, thanks