"R.Wieser" writes:
[...]
> True. But that only goes as far as the programmer can imagine such attacks.
> "strncpy" is ment as a "last ditch" effort to safeguard against the
> /unforseen/ circumstances which could lead to memory/stack being clobbered.
> My suggestion to provide it an argument that is one less than what the
> buffer can actually hold is just an extension on that.
No, strncpy is designed to work with a specific (and, in recent
history, rare) data structure, namely a fixed-length character
array containing some bytes of meaningful data padded to the end
by zero or more null bytes. (I believe it was used to store file
names in Unix directory entries.)
(followups to comp.lang.c only)
--
Keith Thompson (The_Other_Keith) kst-u@mib.org
Will write code for food.
void Void(void) { Void(); } /* The recursive call of the void */
--- SoupGate-Win32 v1.05
* Origin: Agency HUB, Dunedin - New Zealand | FidoUsenet Gateway (3:770/3)
|