Re: [AD] strcat strcpy etc.. BUG found!



Lo'oRiS il Kabukimono wrote:
> Eric Botcazou <ebotcazou@xxxxxxxxxx> :
>
>> 7.15.3.2  The strncat function
>>
>> [...]
>
> and... what's wrong with that?
> to me this looks like the same good old strncat...

char buf[256];

strncpy(buf, "foo", 256);
strncat(buf, bar, 256);

strncat can crash for two reasons:
- the strncpy call didn't insert the terminating 0
- strncat may write to buf[256], which will cause it to crash.

The "fixed" code is:

char buf[256];

strncpy(buf, "foo", 256);
buf[MIN(strlen("foo"), 256 - 1)] = 0;  // add missing 0
strncat(buf, bar, 256 - strlen(buf) - 1); // make sure not to write extra character.



--
- Robert Jr Ohannessian
http://bob.allegronetwork.com/
The peer will come and reset your connection. RUN WHILE YOU STILL CAN!
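
An added example, not part of the original message: strncpy omits the terminator only when the source has at least n characters, and strncat's count is the number of characters to append (the NUL is written on top of that), so the bound has to be the space left in the buffer. The helper names (bounded_copy, bounded_append, strncpy_unterminated, build, guard_intact) and the 8-byte guarded buffer are constructed for this illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper: copy src into dst[cap], always terminated. Returns 1 if it fit. */
static int bounded_copy(char *dst, size_t cap, const char *src)
{
    if (cap == 0) return 0;
    strncpy(dst, src, cap - 1);   /* no terminator written if strlen(src) >= cap - 1 */
    dst[cap - 1] = '\0';          /* so terminate at the last valid index */
    return strlen(src) < cap;
}

/* Hypothetical helper: append src to dst[cap]. Returns 1 if all of src fit. */
static int bounded_append(char *dst, size_t cap, const char *src)
{
    const char *end = memchr(dst, '\0', cap);
    if (end == NULL) return 0;    /* dst is not terminated inside the buffer */
    size_t room = cap - (size_t)(end - dst) - 1;
    strncat(dst, src, room);      /* count = chars to append; the NUL is extra */
    return strlen(src) <= room;
}

/* Returns 1 when strncpy(buf, src, n) left the first n bytes without a NUL. */
static int strncpy_unterminated(const char *src, size_t n)
{
    char buf[16];
    if (n > sizeof buf) return 0;
    memset(buf, 'X', sizeof buf);
    strncpy(buf, src, n);
    return memchr(buf, '\0', n) == NULL;
}

/* Constructed fixture: an 8-byte buffer followed by guard bytes. */
static struct { char buf[8]; char guard[4]; } demo;
static const char *build(const char *a, const char *b)
{
    memset(&demo, 'G', sizeof demo);
    bounded_copy(demo.buf, sizeof demo.buf, a);
    bounded_append(demo.buf, sizeof demo.buf, b);
    return demo.buf;
}
static int guard_intact(void) { return memcmp(demo.guard, "GGGG", 4) == 0; }

int main(void)
{
    const char *s = build("foo", "barbazqux");
    printf("%s guard=%d\n", s, guard_intact());
    return 0;
}
```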


