Bugtraq mailing list archives
Re: strcpy versus strncpy
From: cmason () WYREX COM (Chris L. Mason)
Date: Tue, 3 Mar 1998 23:38:18 -0500
It is kalled SIGSEGV ... Because strlen is simply an size_t i; char *string; for(i=0;*(string+i)!='\0';i++); return i; And when (string+1) points outside the space allocated .. well .. possible it doesn't find a '\0' there .. possible it don't even can read it .. And thats why you can't do that.
Good point. Here's a revised version (also incorporating other suggestions
made)
size_t sstrlen(const char *s, size_t n) {
size_t i;
for(i = 0; (*(s+i) != '\0' && i < n); i++);
return i;
}
char *sstrncpy(char *dst, size_t n1, const char *src, size_t n2) {
if (sstrlen(src, n2) > (n1 - 1)) {
errno = ENOSPC;
dst[0] = NULL;
return NULL;
}
strncpy(dst, src, n2);
return dst;
}
Something similar could be done with strncat as well. Note that I
don't return the number of bytes written because I wanted to remain
consistent with the existing strncpy.
Chris
Current thread:
- updatedb: sort patch, (continued)
- updatedb: sort patch Michael Ballbach (Mar 02)
- Re: strcpy versus strncpy Eivind Eklund (Mar 03)
- Vulnerabilites in some versions of info2www CGI Niall Smart (Mar 03)
- Universal Wrapper Willy TARREAU (Mar 03)
- Re: strcpy versus strncpy Victor Lavrenko (Mar 03)
- Re: strcpy versus strncpy Chris L. Mason (Mar 03)
- Re: strcpy versus strncpy Mark Whitis (Mar 04)
- Re: strcpy versus strncpy Andy Church (Mar 02)
- Re: strcpy versus strncpy Edwin Li-Kai Liu (Mar 03)
- Re: strcpy versus strncpy Ben Laurie (Mar 03)
- Re: strcpy versus strncpy Chris L. Mason (Mar 03)
- Re: strcpy versus strncpy der Mouse (Mar 04)
- Re: strcpy versus strncpy Aleph One (Mar 04)
- Re: strcpy versus strncpy Aleph One (Mar 04)
- Re: strcpy versus strncpy Aleph One (Mar 04)
- Re: strcpy versus strncpy Aleph One (Mar 04)
- Re: strcpy versus strncpy der Mouse (Mar 05)
- Re: strcpy versus strncpy Nick Maclaren (Mar 05)
- Re: strcpy versus strncpy Steve Bellovin (Mar 05)
- Re: strcpy versus strncpy Paul McNabb (Mar 05)