On Mon, 24 Oct 2016 18:59:36 -0000, P Vixie wrote: > Copy or die, as the default behavior. > > Silent truncation should require explicit coding. > > Strlcpy is completely bogus.
Both snprintf() and strlcpy() make it fairly easy to detect whe the buffer was too small, which is more than I can say for strncpy(). It is up to the programmer to actually check the return value. That said, I certainly agree that proceeding with a truncated buffer is the wrong thing to do. Many (but not all) systems these days provide asprintf() which dynamically allocates its buffer which can solve a lot of these problems. - todd _______________________________________________ Nmh-workers mailing list [email protected] https://lists.nongnu.org/mailman/listinfo/nmh-workers
