[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: unsafe strlcpy
max%m00nbsd.net@localhost (Maxime Villard) writes:
>I think that strlcpy has a bad design and should be replaced by the safer
Neither strlcpy nor copystr is safe, and in netbsd32_ioctl it should just
be replaced with memcpy().
>In PPPoE I think we should drop the string stuff, calling printf is already a
>bad idea anyway.
The correct way is to safely parse the input, e.g. with strnvisx.
Michael van Elst
"A potential Snark may lurk in every tree."
Main Index |
Thread Index |