Subject: Re: 'Safe' string copy: strlcpy() or strncpy() ?
To: Johan Danielsson <firstname.lastname@example.org>
From: Jaromír Dolecek <email@example.com>
Date: 01/26/2001 23:26:11
Johan Danielsson wrote:
> > Separate, though related question: should old code be converted to
> > use strlcpy() instead of strncpy() ?
> I don't think you should put too much effort into a mass conversion
> project. The problem with this is that you are quite likely to get it
> wrong in many places, like the
> strcpy(foo, bar) -> strlcpy(foo, bar, sizeof(foo))
> conversion for `char *foo'.
Yes, conversions like these have to be done with extreme care.
> There are places where the strncpy
> behaviour is really used, even if they are not that common.
Yeah, and it's quite often not easy to say off-hand if it's the
case or not, like strncpy() usage in
* usr.bin/login/login.c when writing the utmp record
* usr.bin/skeyinit/skeyinit.c when copying skey.seed to defaultseed
and stuff like those elsewhere.
Jaromir Dolecek <jdolecek@NetBSD.org> http://www.ics.muni.cz/~dolecek/
@@@@ Wanna a real operating system ? Go and get NetBSD, dammit! @@@@