Bugtraq mailing list archives
Re: strcpy versus strncpy
From: cmason () WYREX COM (Chris L. Mason)
Date: Tue, 3 Mar 1998 11:14:16 -0500
On Tue, Mar 03, 1998 at 01:31:24AM +0100, Morten Welinder wrote:
A recent article on BugTraq suggested that using strcpy should almost always be considered a bug. That's not right. It is, in fact, the wrong way around: strncpy is almost always a bug.
Hi, What's wrong with using the following (I got the idea from some of Stevens' code)? char *sstrcpy(char *dst, size_t n, const char *src) { if (strlen(src) > (n - 1)) { errno = ENOSPC; return NULL; } strcpy(dst, src); dst[n - 1] = '\0'; return dst; } (the first 's' stands for safe (I hope)) It's not MT safe, but other than that I can't see any problems. Chris
Current thread:
- Re: strcpy versus strncpy, (continued)
- Re: strcpy versus strncpy pedward () WEBCOM COM (Mar 03)
- Re: strcpy versus strncpy Aleph One (Mar 02)
- Re: strcpy versus strncpy sinster () DARKWATER COM (Mar 02)
- Re: strcpy versus strncpy Nick Maclaren (Mar 03)
- Re: strcpy versus strncpy Mark Walker (Mar 03)
- updatedb: sort patch Michael Ballbach (Mar 02)
- Re: strcpy versus strncpy Eivind Eklund (Mar 03)
- Vulnerabilites in some versions of info2www CGI Niall Smart (Mar 03)
- Universal Wrapper Willy TARREAU (Mar 03)
- Re: strcpy versus strncpy Victor Lavrenko (Mar 03)
- Re: strcpy versus strncpy Chris L. Mason (Mar 03)
- Re: strcpy versus strncpy Mark Whitis (Mar 04)
- Re: strcpy versus strncpy Andy Church (Mar 02)
- Re: strcpy versus strncpy Edwin Li-Kai Liu (Mar 03)
- Re: strcpy versus strncpy Ben Laurie (Mar 03)
- Re: strcpy versus strncpy Chris L. Mason (Mar 03)
- Re: strcpy versus strncpy der Mouse (Mar 04)
- Re: strcpy versus strncpy Aleph One (Mar 04)
- Re: strcpy versus strncpy Aleph One (Mar 04)
- Re: strcpy versus strncpy Aleph One (Mar 04)
- Re: strcpy versus strncpy Aleph One (Mar 04)
(Thread continues...)