On 24/02/2019 19:02, R.Wieser wrote:
> Richard,
>
>> Okay, so that's so obvious a retort that I have to deduce you meant
>> something else, but I don't know what. Care to explain for the benefit of
>> my befuddled grey cells?
>
> You responded to a post in which was explained that "strncpy" could be
> dangerous because you could fill the buffer out with a too-long string,
> leaving it without a terminator.   The defensive method would be to stop
> copying before you overwrite the last byte in the target buffer - thereby
> making sure that whatever may happen, the buffer will hold a zero-terminated
> string.
>
Assuming you bzeroed the target block before copying first. strncpy does
npot zero terminate te target block


>> Reporting an error is certainly preferable to undefined behaviour, but I
>> would prefer to grab the data - all of it - if that's possible and
>> reasonable.
>
> I went along with you upto-and-including the "- all of it -".  The latter
> part ?  Not so much.  Not even humans are really capable of acting
> (correctly!) on partial messages, let alone un-imaginative programs.  And
> boy, can they do a lot of damage ...
>
Well sometimes one can say 'sorry buffer overflowed: can you resend that
last bit"

Case where its nopt reasonable to garb all et data? well mail programs.
I blacklist anything endi in .tv, .info, .biz and dozens of other top
level domains that are entirely owned by spam marketing companies.

I only grab enough data to establish that before sending them packing


--
You can get much farther with a kind word and a gun than you can with a
kind word alone.

Al Capone

--- SoupGate-Win32 v1.05