Re: [Nmh-workers] strncpy(3), die, die, die.

From: Valdis . Kletnieks
Subject: Re: [Nmh-workers] strncpy(3), die, die, die.
Date: Mon, 24 Oct 2016 16:40:36 -0400

On Mon, 24 Oct 2016 13:08:22 -0600, "Anthony J. Bentley" said:
> P Vixie writes:
> > Strlcpy is completely bogus.
> What's silent about strlcpy? Just check the return value against the size
> of the buffer.

He didn't say it was silent. He said it was bogus.

From the manpage: https://www.freebsd.org/cgi/man.cgi?query=strlcpy&sektion=3

     The strlcpy() and strlcat() functions return the total length of the
     string they tried to create.  For strlcpy() that means the length of src.
     For strlcat() that means the initial length of dst plus the length of
     src.  While this may seem somewhat confusing, it was done to make
     truncation detection simple.

     Note however, that if strlcat() traverses size characters without finding
     a NUL, the length of the string is considered to be size and the
     destination string will not be NUL-terminated (since there was no space
     for the NUL).  This keeps strlcat() from running off the end of a string.
     In practice this should not happen (as it means that either size is
     incorrect or that dst is not a proper ``C'' string).  The check exists to
     prevent potential security problems in incorrect code.

In other words - if the source string doesn't fit, it will create a
non-NULL-terminated destination string for you.  Repeat that, slowly, until it
sinks in.

Attachment: pgp6WkTDo3eF7.pgp
Description: PGP signature
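
The return-value semantics in the manpage text quoted above, as an added example that is not part of the original message. `ex_strlcpy`, `ex_strlcat`, `truncated` and `terminated` are hypothetical local functions written to follow the manpage description (assumed here because not every libc ships strlcpy/strlcat), and the inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Local reimplementations following the manpage semantics.
 * The ex_ names are hypothetical; they are not the libc functions. */
size_t ex_strlcpy(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);
    if (size != 0) {
        size_t n = srclen < size - 1 ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';          /* always terminated when size != 0 */
    }
    return srclen;              /* length of the string it tried to create */
}

size_t ex_strlcat(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);
    size_t dlen = 0;
    while (dlen < size && dst[dlen] != '\0')   /* bounded search for dst's NUL */
        dlen++;
    if (dlen == size)           /* no NUL within size: dst is left untouched */
        return size + srclen;
    size_t room = size - dlen - 1;
    size_t n = srclen < room ? srclen : room;
    memcpy(dst + dlen, src, n);
    dst[dlen + n] = '\0';
    return dlen + srclen;
}

/* Truncation check: the result did not fit if the return value >= size. */
int truncated(size_t ret, size_t size) { return ret >= size; }

/* Is there a NUL within the first size bytes of buf? */
int terminated(const char *buf, size_t size) { return memchr(buf, '\0', size) != NULL; }

int main(void)
{
    char a[8];
    size_t r = ex_strlcpy(a, "0123456789", sizeof a);   /* constructed input */
    printf("strlcpy ret=%zu truncated=%d dst=\"%s\"\n", r, truncated(r, sizeof a), a);

    char b[4] = { 'a', 'b', 'c', 'd' };                 /* constructed: no NUL in b */
    r = ex_strlcat(b, "xy", sizeof b);
    printf("strlcat ret=%zu truncated=%d terminated=%d\n",
           r, truncated(r, sizeof b), terminated(b, sizeof b));
    return 0;
}
```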
