my gripe with strlcat, strlcpy, and similar is silent truncation. the openbsd team once sent me a huge block of diffs for bind8, altering every strcpy to strlcpy, and so on. i rejected it, since silent truncation is no less wrong than overflowing an array would be, and no less likely to result in a security vulnerability. i did my own audit, modifying some occurrences of strcat by prepending them with:

    assert(strlen(x) + strlen(y) < sizeof z);

because if the code is wrong i want it dead, not continuing lobotomized. my changes were not well taken by the openbsd team.

vixie

_______________________________________________
Nmh-workers mailing list
https://lists.nongnu.org/mailman/listinfo/nmh-workers
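The two behaviours the post contrasts, as an added C example that is not code from the post or from bind8: a local strlcat (my_strlcat, written here because not every libc ships one) that truncates and carries on, beside cat_checked(), which applies the post's length test and refuses instead of truncating. The function names, the 8-byte buffer and the sample strings are all constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Local strlcat with the OpenBSD contract (appends what fits, always
 * NUL-terminates, returns the length it tried to build), so the example
 * also builds on libcs that lack strlcat. dst must be NUL-terminated. */
static size_t my_strlcat(char *dst, const char *src, size_t dstsize)
{
    size_t dlen = strlen(dst);
    size_t slen = strlen(src);
    if (dlen + 1 >= dstsize)            /* no room: leave dst as it is */
        return dlen + slen;
    size_t room = dstsize - dlen - 1;   /* bytes available for src */
    size_t n = slen < room ? slen : room;
    memcpy(dst + dlen, src, n);
    dst[dlen + n] = '\0';
    return dlen + slen;
}

/* Silent truncation: both calls "succeed" and z quietly holds a
 * different string than the caller asked for. Returns the final length
 * strlcat reports, which is the only hint that something was lost. */
static size_t cat_silent(char *z, size_t zsize, const char *x, const char *y)
{
    z[0] = '\0';
    my_strlcat(z, x, zsize);
    return my_strlcat(z, y, zsize);
}

/* The post's rule as a checkable function: refuse rather than truncate.
 * Returns 1 and fills z when x+y fits (NUL included), else 0 with z
 * untouched. The original uses assert() so the process dies instead. */
static int cat_checked(char *z, size_t zsize, const char *x, const char *y)
{
    if (strlen(x) + strlen(y) >= zsize)
        return 0;
    strcpy(z, x);
    strcat(z, y);
    return 1;
}

int main(void)
{
    char z[8];                          /* constructed: deliberately small */
    size_t want = cat_silent(z, sizeof z, "/usr/local/", "bin");
    printf("strlcat: got \"%s\", wanted %zu bytes\n", z, want);
    if (!cat_checked(z, sizeof z, "/usr/local/", "bin"))
        printf("checked: refused, would not fit in %zu bytes\n", sizeof z);
    return 0;
}
```

Comparing strlcat's return value against the buffer size (the check cat_silent's caller never makes) is the other way to turn truncation into a detected error rather than a quiet one.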
