Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

Re: New Microsoft Security Tool for developers

From: der Mouse <mouse () Rodents Montreal QC CA>
Date: Mon, 15 Dec 2003 11:15:26 +0000
char buffer[10];
strncpy(buffer,str,(sizeof(buffer)-1));



[I]sn't there potential for information leakage with that code?  It
always copies 9 bytes of data, regardless of the length of str,
meaning it can potentially place information in buffer that wasn't in
str in the first place.


No.  This is not memcpy(); look up what strncpy does.

strncpy(from,to,n) always writes into the first n bytes at *to, but it
copies out of *from _only until the first '\0'_ or until n bytes have
been copied, whichever comes first.  (Additional bytes written into
*to, if any, are written with '\0'.)

/~\ The ASCII                           der Mouse
\ / Ribbon Campaign
 X  Against HTML               [EMAIL PROTECTED]
/ \ Email!           7D C8 61 52 5D E7 2D 39  4E F1 31 3E E8 B3 27 4B
Previous By Date Next
Previous By Thread Next

Current thread: