Secure Coding mailing list archives
Re: strncpy (was: Re: New Microsoft Security Tool for developers)
From: Florian Weimer <fw () deneb enyo de>
Date: Wed, 17 Dec 2003 13:08:05 +0000
David A. Wheeler wrote:
> This "excess nul'ing" is extremely perverse behavior... but it's true. This is clearly stated in Kernighan and Ritchie second edition [Kernighan 1988, page 249], and this behavior is clearly documented in the man pages for Linux, FreeBSD, and Solaris. I don't have the formal standards handy but I believe they say the same.
Of course, it's in the standard:

| 7.21.2.4 The strncpy function
| Synopsis
| #include <string.h>
| char *strncpy(char * restrict s1,
| const char * restrict s2,
| size_t n);
| Description
| The strncpy function copies not more than n characters (characters
| that follow a null character are not copied) from the array pointed to
| by s2 to the array pointed to by s1. If copying takes place between
| objects that overlap, the behavior is undefined.
|
| If the array pointed to by s2 is a string that is shorter than n
| characters, null characters are appended to the copy in the array
| pointed to by s1, until n characters in all have been written.
|
| [...]
> (The fact that few have the formal standards handy, but every user of C has K&R handy, is probably a good argument that K&R is the "real" standard anyway... but I digress...).
No one should write C programs after reading significant parts of the standard. Otherwise, it's not unlikely that the code doesn't do what the programmer intends, and works on a single platform, with a specific compiler version only. For example, the standard permits a lot of optimization by specifying undefined behavior, but very few implementations make use of this potential. As a result, new compiler versions often break existing code. In theory, this can have security implications, see: <http://cert.uni-stuttgart.de/advisories/c-integer-overflow.php>
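The two strncpy properties the thread argues about (NUL padding up to n when the source is short, and no terminator at all when the source is n characters or longer) can be observed directly. The following C program is an added example for this archive page, not code from either poster; the function names, the 'X' sentinel fill and the `copy_bounded` replacement are assumptions made for the demonstration.

```c
#include <stdio.h>
#include <string.h>

#define BUF 64

/* Fill a scratch buffer with a sentinel, run strncpy(dst, src, n) and return
 * how many trailing bytes of the n-byte region are NUL.  With a short source
 * this is the "excess nul'ing" from the thread (the standard's padding rule);
 * with a source of length >= n it is 0, i.e. strncpy wrote no terminator. */
size_t strncpy_trailing_nuls(const char *src, size_t n)
{
    char dst[BUF];
    if (n > BUF)
        return (size_t)-1;                 /* demo-only guard for the scratch buffer */
    memset(dst, 'X', sizeof dst);          /* sentinel: any byte that is not 'X' was written by strncpy */
    strncpy(dst, src, n);
    size_t nuls = 0;
    while (nuls < n && dst[n - 1 - nuls] == '\0')
        nuls++;
    return nuls;
}

/* 1 if the n-byte region is a valid C string after strncpy, 0 if it is not.
 * Reading such an unterminated region with strlen/printf runs past its end. */
int strncpy_leaves_terminator(const char *src, size_t n)
{
    char dst[BUF];
    if (n == 0 || n > BUF)
        return 0;
    memset(dst, 'X', sizeof dst);
    strncpy(dst, src, n);
    return memchr(dst, '\0', n) != NULL;
}

/* Hypothetical bounded copy (not a standard function): always leaves dst
 * NUL-terminated and reports truncation instead of silently dropping the
 * terminator.  Returns 0 on a full copy, -1 if src was cut or dstsize == 0. */
int copy_bounded(char *dst, size_t dstsize, const char *src)
{
    if (dstsize == 0)
        return -1;
    size_t len = strlen(src);
    if (len >= dstsize) {
        memcpy(dst, src, dstsize - 1);
        dst[dstsize - 1] = '\0';
        return -1;
    }
    memcpy(dst, src, len + 1);             /* len + 1 copies the terminator too */
    return 0;
}

int main(void)
{
    printf("strncpy(\"hi\", 8): %zu trailing NUL bytes written\n",
           strncpy_trailing_nuls("hi", 8));
    printf("strncpy(\"hello\", 5) leaves a terminator? %d\n",
           strncpy_leaves_terminator("hello", 5));
    char out[4];
    int r = copy_bounded(out, sizeof out, "hello");
    printf("copy_bounded(4 bytes, \"hello\") -> %d, out=\"%s\"\n", r, out);
    return 0;
}
```

The padding count shows why strncpy into a large buffer costs O(n) regardless of source length, and the terminator check shows the case that actually matters for safety: when the source fills the whole region, nothing in the buffer marks its end, so a later strlen or printf reads whatever follows. The truncation-reporting wrapper is the usual replacement; the caller learns that data was lost instead of discovering it through a missing NUL.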