safe_strcpy
Luke Kenneth Casson Leighton
lkcl at switchboard.net
Tue May 26 15:02:56 GMT 1998
> > > > if the string length is _exactly_ the length of the buffer, is it
> > > > deliberately non-null-terminated?
>
> > > safe_strcpy never leaves a string non-null
> > > terminated.
>
> > > If the string length is exactly the length
> > > of the buffer then it's an overflow by one
> > > (because of the expected null).
>
> > > Always pass buffer_len-1
>
> > ??? -1????
>
> > damn, that's counter-intuitive.
>
> Yeah, it really is.
>
> It also runs contrary to the way things like fgets work where the
> length is the length of the buffer and if you get a line longer than the
> buffer it only puts length - 1 bytes in the buffer and null terminates it
> at buffer[length]. IMHO - that makes more sense.
>
> The fgets way is also safer. By safer, I'm referring to what happens
can this be addressed, please?
[i prefer, personally, to have safe_strcpy etc passed sizeof(buffer) not
sizeof(buffer)-1 because it looks neater. if that translates in other
people's language into "more intuitive" or better "safer for technical
reasons like the ones stated above" or "there is a precedant for this kind
of function which it is strongly advised that samba development follows,
in order to cause less problems for future developers" then all the
better].
luke
More information about the samba-technical
mailing list