[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Theo chiming in on strlcpy
On Sat, Dec 21, 2013 at 03:43:20PM -0800, John Nemeth wrote:
> All my code either verify that it will fit the destination
> string before hand, or use strn* and deals properly with potential
> truncation. Overruning a string isn't the only thing that causes
> security problems. Truncation is quite capable of doing it as
> well. At the very least, the app won't behave properly. Once you
> acknowlege this, strl* buys you nothing over strn* or just plain
> str* with length calculation done before hand.
Okay, show me your code.
Main Index |
Thread Index |