safe_strcpy is unsafe
Luke Kenneth Casson Leighton
lkcl at samba.org
Wed Jan 19 22:24:42 GMT 2000
yep! i know. i talked to jeremy about it.
does anyone want to write a perl or awk script that will +1 to every
single usage of safe_strcpy() in all samba code?
optimisations include removing -1+1.
i just hate how safe_strcpy() has to use sizeof(str)-1 ABSOLUTELY
everywhere.
On Thu, 20 Jan 2000, Michael Stockman wrote:
> Hello,
>
> safe_strcpy is not very safe. It seems that it writes 1 char longer
> than maxlen, which is bad if the buffer isn't that long. Example of
> bad but common usage:
>
> pstring str;
> safe_strcpy( str, "Hello world", sizeof(str) );
>
> This may cause a SIGSEGV!
>
> Best regards
> Michael Stockman
> pgmtekn-micke at algonet.se
>
>
>
<a href="mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton </a>
<a href="http://www.cb1.com/~lkcl"> Samba and Network Development </a>
<a href="http://samba.org" > Samba Web site </a>
<a href="http://www.iss.net" > Internet Security Systems, Inc. </a>
<a href="http://mcp.com" > Macmillan Technical Publishing </a>
ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals
More information about the samba-technical
mailing list