Hey, so grep -A1 memtst * in dbmail, and you'll find lots of these:

memtst((dest = (char *)my_malloc(strlen(value)+1))==NULL);
strncpy(dest,value,strlen(value)+1);

Doesn't this cause dest not to be null terminated? The extra space is
allocated specifically for null, so the second line should be:

strncpy(dest,value,strlen(value));

and for extra paranoia:

dest[strlen(value)] = '\0'; /* index strlen(value) is the last byte of the strlen(value)+1 allocation */

Otherwise, you're relying on value to already be null terminated, which it
should be... but who really knows?

Aaron
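A constructed demonstration, added here and not dbmail's code or Aaron's, of what each quoted line leaves in the buffer: strncpy copies the source's NUL when n covers it and pads nothing past the source length otherwise, and an explicit terminator belongs at index strlen(value), the last byte of a strlen(value)+1 allocation. The helper name and the 'X' pre-fill are assumptions made for the demonstration.

```c
#include <stdlib.h>
#include <string.h>

/* Helper (constructed for this example): allocate strlen(value)+1 bytes,
 * pre-fill them with 'X' so a missing terminator is visible, strncpy n
 * bytes, and report whether a NUL ended up inside the allocation. */
static int nul_inside_after_strncpy(const char *value, size_t n) {
    size_t len = strlen(value);
    char *dest = malloc(len + 1);
    if (dest == NULL) return -1;
    memset(dest, 'X', len + 1);
    strncpy(dest, value, n);          /* n must not exceed len + 1 */
    int found = memchr(dest, '\0', len + 1) != NULL;
    free(dest);
    return found;
}

/* The dbmail idiom: n = strlen(value)+1. strncpy stops after copying the
 * source's NUL and pads with NULs up to n, so the terminator lands in
 * dest[len]; this relies on value already being NUL-terminated, which
 * strlen(value) itself already requires. */
int dbmail_idiom_terminates(const char *value) {
    return nul_inside_after_strncpy(value, strlen(value) + 1);
}

/* The proposed n = strlen(value): the NUL is never copied, so dest is only
 * terminated if a later line writes it. */
int shortened_idiom_terminates(const char *value) {
    return nul_inside_after_strncpy(value, strlen(value));
}

/* Copy len bytes and terminate explicitly. The last byte of a len+1
 * allocation is index len; index len+1 would be one byte past the end of
 * the block, an out-of-bounds write. */
char *copy_and_terminate(const char *value) {
    size_t len = strlen(value);
    char *dest = malloc(len + 1);
    if (dest == NULL) return NULL;
    strncpy(dest, value, len);
    dest[len] = '\0';
    return dest;
}
```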
