On Wed, Apr 02, 2008 at 03:54:52PM -0700, Matthew Dempsky wrote:
> On Wed, Apr 2, 2008 at 2:48 PM, Mike Erdely <[EMAIL PROTECTED]> wrote:
> >  -@@ -344,7 +344,7 @@ char *strdup( const char *s )
> >  -
> >  -    if (result != NULL)
> >  -    {
> >  --      strcpy( result, s );
> >  -+      strlcpy( result, s, sizeof(result) );
> >  -    }
> >  -
> >  -    return( result );
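Review bot: On the added strlcpy line, sizeof(result) is the size of a pointer, not of the buffer: result is the value this char * function returns and is compared against NULL. The copy is therefore bounded at sizeof(char *) - 1 characters, and any longer string is silently truncated. Pass the byte count that was handed to the allocator (it is not visible in this hunk), keeping it in a local variable so the allocation and the copy share one size.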
> 
> It seems worth pointing out that this patch is an example of
> carelessly replacing strcpy with strlcpy.  result here is a pointer,
> not a fixed size array, so sizeof(result) just returns 4 or 8 instead
> of the buffer size.  (Of course, OpenBSD provides strdup in libc, so
> this code isn't used, patched or not.)

For what it's worth, that section of code was wrapped in:
#ifdef __MINGW32__
char *strdup...
#endif /* def __MINGW32__ */

-ME
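The sizeof-on-a-pointer mistake discussed in this thread, as an added example that is not part of the original messages or of the patched project. The malloc(strlen(s) + 1) allocation and the names ex_strlcpy, dup_patched and dup_fixed are assumptions, since the hunk does not show how result is allocated.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in with strlcpy semantics (not every libc ships strlcpy):
 * copy at most size-1 bytes, NUL-terminate when size > 0,
 * return strlen(src) so the caller can detect truncation. */
static size_t ex_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);
    if (size > 0) {
        size_t n = (len < size - 1) ? len : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;
}

/* Behaviour of the quoted patch: the bound is the size of a pointer. */
char *dup_patched(const char *s)
{
    char *result = malloc(strlen(s) + 1);   /* assumed allocation */
    if (result != NULL)
        ex_strlcpy(result, s, sizeof(result));
    return result;
}

/* Bound taken from the allocation itself. */
char *dup_fixed(const char *s)
{
    size_t size = strlen(s) + 1;
    char *result = malloc(size);
    if (result != NULL)
        ex_strlcpy(result, s, size);
    return result;
}

int main(void)
{
    const char *in = "C:\\Program Files\\example";  /* constructed input */
    char *a = dup_patched(in), *b = dup_fixed(in);
    if (a == NULL || b == NULL) return 1;
    printf("patched: \"%s\" (%zu of %zu bytes)\n", a, strlen(a), strlen(in));
    printf("fixed:   \"%s\"\n", b);
    free(a); free(b);
    return 0;
}
```

Strings shorter than a pointer survive dup_patched intact, which is why a quick test with a short input does not reveal the truncation.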
