Thanks John! I've noticed a handful of those done incorrectly as well and have been fixing them.
The next fix that I'm working on is replacing all of our strncpy/strcpy/strcat/strncat usages with a 'safe' version (or at least with all the troubles in 1 place!), so hopefully I'll get to fix most of them along the way. On Tue, 2015-05-19 at 22:24 +0000, Light, John J wrote: > It is gratifying to see more use of length protected string copies, > but is important that they be done properly. > > > > I don?t see any > > > > strcpy(to, from); > > > > but I do see more than one > > > > strncpy(to, from, strlen(from)); > > > > and > > > > strncpy(to, from, sizeof (from)); > > > > Both of these are equivalent to strcpy, and should be avoided. > > > > It is critical that the third argument of strncpy be the amount of > storage in the first argument (the destination). > > > > I am correcting the ones I find. > > > > John Light > > Intel OTC OIC Development > > > _______________________________________________ > iotivity-dev mailing list > iotivity-dev at lists.iotivity.org > https://lists.iotivity.org/mailman/listinfo/iotivity-dev
