nmh-workers
[Top] [All Lists]

Re: [Nmh-workers] strncpy(3), die, die, die.

2016-10-24 15:13:13
On overflow, the string should be zero filled, or abort() should be called.

Leaving a half useful result creates no incentive to check the return value.

On October 24, 2016 9:11:09 PM GMT+02:00, "Todd C. Miller" 
<Todd(_dot_)Miller(_at_)courtesan(_dot_)com> wrote:
On Mon, 24 Oct 2016 18:59:36 -0000, P Vixie wrote:

Copy or die, as the default behavior.

Silent truncation should require explicit coding.

Strlcpy is completely bogus.

Both snprintf() and strlcpy() make it fairly easy to detect whe the
buffer was too small, which is more than I can say for strncpy().
It is up to the programmer to actually check the return value.

That said, I certainly agree that proceeding with a truncated buffer
is the wrong thing to do.  Many (but not all) systems these days
provide asprintf() which dynamically allocates its buffer which can
solve a lot of these problems.

- todd

-- 
Sent from my Android device with K-9 Mail. Please excuse my brevity.
_______________________________________________
Nmh-workers mailing list
Nmh-workers(_at_)nongnu(_dot_)org
https://lists.nongnu.org/mailman/listinfo/nmh-workers
<Prev in Thread] Current Thread [Next in Thread>