There's a third one that nobody has caught, because you don't know if pszSrc is null-terminated, so your program can crash due to a protected memory error. The copy operation should be:
strncpy(szDest,pszSrc, min(MAX, pszSrc_size)-1); assuming the size of pszSrc is pszSrc_size. Few people seem to be aware of the possible problems caused by *reading* an unterminated string. Do you feel lucky (that there will be another NULL somewhere, before reading off in outer space)? So, I tend to agree, getting "C" calls correct is tedious, and that encourages risky coding. Cheers, Pascal On 7/19/05 11:34 AM, "ljknews" <[EMAIL PROTECTED]> wrote: > > The overarching bug seems to be the assertion that there is only one bug, > since those offering comments found two right off. > > The less excusable of the two bugs appears at first glance to be an > out of bounds reference to an array, but on reflection is an error > in choice of programming language. > -- > Larry Kilgallen > >
