tech-pkg archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: Theo chiming in on strlcpy

On Sat, Dec 21, 2013 at 03:43:20PM -0800, John Nemeth wrote:
>      All my code either verify that it will fit the destination
> string before hand, or use strn* and deals properly with potential
> truncation.  Overruning a string isn't the only thing that causes
> security problems.  Truncation is quite capable of doing it as
> well.  At the very least, the app won't behave properly.  Once you
> acknowlege this, strl* buys you nothing over strn* or just plain
> str* with length calculation done before hand.

Okay, show me your code.

Home | Main Index | Thread Index | Old Index