On Wed Jun 5 09:15:11 EDT 2013, [email protected] wrote:
> The first opportunity to write a nil byte should always be taken.
> Using sizeof only means that in corner cases memory disclosure may
> occur between where the nil should be and the end of the array. While
> this isn't a security critical app, it is still good coding practice.
>
> x = strlen(info.host) < sizeof info.host ? strlen() : sizeof ;
> info.host[x] = 0;
let's start at the beginning. strncpy is not good coding practice.
and lpdaemon is not well written by today's standards. ☺
however, unless i'm missing something, the code has exactly that.
/sys/src/cmd/lp/lpdaemon.c:297,310
case 'H':
if (ap[1] == '\0')
strncpy(info.host, "unknown", NAMELEN);
else
strncpy(info.host, (const char *)&ap[1],
NAMELEN);
info.host[NAMELEN] = '\0';
break;
case 'P':
if (ap[1] == '\0')
strncpy(info.user, "unknown", NAMELEN);
else
strncpy(info.user, (const char *)&ap[1],
NAMELEN);
info.user[NAMELEN] = '\0';
break;
- erik
