Changes to clitar.c: strcpy to pstrcpy ?
tridge at samba.anu.edu.au
Fri May 15 13:40:10 GMT 1998
> I notice that someone has carefully gone through clitar and changed every
> occurrence of strcpy to pstrcpy.
That was Jeremy :)
I didn't do it in the earlier security audit because the client can
never be a security hole (it runs without special privilages).
> I would prefer to use strncpy and strncat
> where needed, especially since I use dynamically allocated strings in clitar.
better to use strlcpy() and strlcat() instead of strncpy() and
The problems with strncpy() are that:
1) it zero fills the whole buffer. This is slow.
2) it doesn't null terminate the string if there is an overflow!
More information about the samba-technical