
Re: strncpy() and NULL termination

From: Eivind Eklund <eivind(at)dimaga.com>
Date: Sun Feb 16 1997 - 13:57:59 EST


At 04:12 PM 2/15/97 -0500, Aaron Bornstein wrote:
> As I've been going through code, I've noticed a lot of
>strncpy()'s that don't properly NULL-terminate the strings. Seeing as
>this is a security audit, I have a feeling that quite a few new
>strncpy()'s will be introduced into the tree, and I'd just like to remind
>everyone that strncpy does NOT guarantee NULL termination.
>
>Bad:
> strncpy(buf, somestring, BUFSIZ);
>
>Good:
> strncpy(buf, somestring, BUFSIZ);
> buf[BUFSIZ-1] = '\0';

Better: (IMHO - as this is more robust to code changes)

	strncpy(buf, somestring, sizeof(buf));
	buf[sizeof(buf)-1] = '\0';

While we're at it, I'd like to remind everybody of strdup() - and suggest it might be an idea to introduce smprintf(), an sprintf to an automatically malloced buffer. These functions together make writing correct and robust programs as easy as writing brittle programs without them.

Eivind Eklund perhaps(at)yes.no http://maybe.yes.no/perhaps/ eivind@freebsd.org

Received on Sun Feb 16 11:10:25 1997
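The three forms discussed in this thread, as an added example that is not part of the original messages: it checks whether the destination ends up terminated for short, exact-fit and over-long sources. It goes one step beyond the thread by showing that sizeof(buf) only gives the buffer size while buf is an array in scope; BUFSZ, the function names and the sample strings are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

#define BUFSZ 8   /* constructed size, small so truncation is easy to see */

/* Returns 1 if a NUL byte occurs within the first n bytes of buf. */
static int is_terminated(const char *buf, size_t n)
{
    return memchr(buf, '\0', n) != NULL;
}

/* "Bad" form: strncpy writes no NUL when strlen(src) >= sizeof(buf). */
int bad_copy_terminated(const char *src)
{
    char buf[BUFSZ];
    memset(buf, 'X', sizeof(buf));      /* stand-in for stale stack bytes */
    strncpy(buf, src, sizeof(buf));
    return is_terminated(buf, sizeof(buf));
}

/* "Better" form: sizeof(buf) follows the declaration if it changes. */
size_t better_copy_len(const char *src)
{
    char buf[BUFSZ];
    memset(buf, 'X', sizeof(buf));
    strncpy(buf, src, sizeof(buf));
    buf[sizeof(buf) - 1] = '\0';
    return strlen(buf);                 /* safe: buf is always terminated */
}

/* Once the buffer is a pointer parameter, sizeof(dst) is the size of the
 * pointer, not the buffer, so the caller must pass the real size. */
size_t copy_into(char *dst, size_t dstsz, const char *src)
{
    if (dstsz == 0) return 0;
    strncpy(dst, src, dstsz);
    dst[dstsz - 1] = '\0';
    return strlen(dst);
}

int main(void)
{
    char small[4];
    printf("bad, exact fit terminated: %d\n", bad_copy_terminated("12345678"));
    printf("better, exact fit length:  %zu\n", better_copy_len("12345678"));
    printf("copy_into length:          %zu\n", copy_into(small, sizeof(small), "abcdef"));
    return 0;
}
```

Compilers that implement -Wstringop-truncation may warn about the unterminated copy in bad_copy_terminated(), which is the behaviour being demonstrated.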

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 12:41:02 EDT

