Subject: Re: CVS commit: basesrc
To: None <>
From: Bill Sommerfeld <>
List: source-changes
Date: 09/15/2000 12:02:07
       '-Dstrlcpy(a,b,c)=(strncpy(a,b,c),strlen(a))' \
       '-Dstrlcat=strncat' \

I strongly advise against using an ftpd build this way.

It is possible (perhaps even likely) that a 1.4.2 ftpd built with this
value of CPPFLAGS may be vulnerable to buffer overrun attacks.

The strn* and strl* function families do *not* have equivalent
bounds-checking and null-termination behavior.  

For instance, strncat appends at most c characters, yielding a string
of length at most strlen(a)+c, occupying strlen(a)+c+1 bytes; strlcat
is guaranteed to produce a null-terminated string no longer than c-1
characters, occupying no more than c bytes.

Some untested, but potentially more correct (albeit not exactly
equivalent) replacements:

	strlcat(a,b,c) could be replaced by strncat(a,b,max(0,c-strlen(a)-1))
	strlcpy(a,b,c) could with (strncpy(a,b,c-1),a[c-1]=0,strlen(a))

					- Bill