On 08/20/12 10:31, Niels Baggesen wrote: > On Mon, Aug 20, 2012 at 08:56:27AM +0000, Bart Van Assche wrote: >> On 08/20/12 06:36, Niels Baggesen wrote: >>> This fixes a possible memory overrun (see patch 3559417) >> >> Although I'd prefer that strncpy() to be replaced by strlcpy(): > > Why? > > It's a convenience, yes, but it leads to results being truncated > one too early, which might convince the manager that it has gotten > the complete result. If it fills the variable to the limit it should > know it might be truncated.
My arguments are: - It's considered a good programming practice to terminate strings properly that are announced as '\0'-terminated. - strlcpy() is more efficient than strncpy(). strncpy() fills all trailing bytes in the destination string with '\0' characters while strlcpy() writes only one terminating '\0' (see e.g. http://pubs.opengroup.org/onlinepubs/7908799/xsh/strncpy.html). - If truncating a string is considered improper, strdup() should be used instead of strncpy() or strlcpy(). Bart. ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ Net-snmp-coders mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/net-snmp-coders
