safe_strcpy is unsafe
Blu3Viper
david at killerlabs.com
Thu Jan 20 02:24:30 GMT 2000
make a macro to do that so you don't have to do this in the future. the
macro will be the same except add +1 to the second value. you can even go
so far as to make the macro figure out if +1 has already been added.
#define bsafe_strcpy(x, y) safe_strcpy(x, y +1)
-d
On Thu, 20 Jan 2000, Luke Kenneth Casson Leighton wrote:
> Date: Thu, 20 Jan 2000 09:26:33 +1100
> From: Luke Kenneth Casson Leighton <lkcl at samba.org>
> To: Multiple recipients of list SAMBA-TECHNICAL
> <samba-technical at samba.org>
> Subject: Re: safe_strcpy is unsafe
>
> yep! i know. i talked to jeremy about it.
>
> does anyone want to write a perl or awk script that will +1 to every
> single usage of safe_strcpy() in all samba code?
>
> optimisations include removing -1+1.
>
> i just hate how safe_strcpy() has to use sizeof(str)-1 ABSOLUTELY
> everywhere.
>
> On Thu, 20 Jan 2000, Michael Stockman wrote:
>
> > Hello,
> >
> > safe_strcpy is not very safe. It seems that it writes 1 char longer
> > than maxlen, which is bad if the buffer isn't that long. Example of
> > bad but common usage:
> >
> > pstring str;
> > safe_strcpy( str, "Hello world", sizeof(str) );
> >
> > This may cause a SIGSEGV!
> >
> > Best regards
> > Michael Stockman
> > pgmtekn-micke at algonet.se
> >
> >
> >
>
> <a href="mailto:lkcl at samba.org" > Luke Kenneth Casson Leighton </a>
> <a href="http://www.cb1.com/~lkcl"> Samba and Network Development </a>
> <a href="http://samba.org" > Samba Web site </a>
> <a href="http://www.iss.net" > Internet Security Systems, Inc. </a>
> <a href="http://mcp.com" > Macmillan Technical Publishing </a>
>
> ISBN1578701503 DCE/RPC over SMB: Samba and Windows NT Domain Internals
>
More information about the samba-technical
mailing list