[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: BUG in ltdl.c - here's a PATCH

From: Bob Friesenhahn
Subject: Re: BUG in ltdl.c - here's a PATCH
Date: Fri, 14 Jun 2002 13:23:37 -0500 (CDT)

On 14 Jun 2002, Lutz Müller wrote:

> On Fri, 2002-06-14 at 18:23, Albert Chin wrote:
> > Shouldn't we find out why filename is non-zero terminated?
> No, you didn't get it. If you do
> strncpy (filename, dir_name, strlen (dir_name));
> filename will afterwards not be terminated by '\0' (unless filename has
> previously been initialized to 0, for example by memset (filename, 0,
> ...)). If you copy a string, you need to copy the terminating '\0', too,
> i.e.
> strncpy (filename, dir_name, strlen (dir_name) + 1);

This causes strncpy() to act just like strcpy() (i.e. no added value).

> Not quite right. We need to terminate the filename after dir_name got
> copied over it without a terminating '\0'. That is, you could do a
> strncpy (filename, dir_name, strlen (dir_name));
> filename[strlen (dir_name)] = '\0';

The normal case is that you use strncpy() in order to not overrun the
target buffer.  That means that the maximum number of characters to
copy should be based on the target buffer size and not on the length
of the source string.  If filename was statically allocated, you could
use sizeof() to determine the target buffer size, otherwise you will
need to remember the size of the allocation.

Your example is no better than strcpy().  It allows overrunning the
target buffer.

Perhaps strncpy() is overused and it would be more useful to use
strlen() to verify that the source string will entirely fit in the
destination buffer so that an error can be flagged if the string will
be truncated.  An error report is usually more valuable than a
truncated string.

Another possibility (if string concatenation is not being performed)
is to use strdup() so that the allocation and copy may be performed in
one operation.

Bob Friesenhahn

reply via email to

[Prev in Thread] Current Thread [Next in Thread]