Jeremy Allison jallison at
Fri May 22 16:46:19 GMT 1998

Luke Kenneth Casson Leighton wrote:
> if the string length is _exactly_ the length of the buffer, is it
> deliberately non-null-terminated?

safe_strcpy never leaves a string non-null

If the string length is exactly the length
of the buffer then it's an overflow by one
(because of the expected null).

Always pass buffer_len-1 to the safe_xxx 
routines (look at the fstrcpy and pstrcpy
defines in smb.h).


Buying an operating system without source is like buying
a self-assembly Space Shuttle with no instructions.

More information about the samba-technical mailing list