Re: [AD] Buffer security patch

[ Thread Index | Date Index | More lists.liballeg.org/allegro-developers Archives ]

To: alleg-developers@xxxxxxxxxx
Subject: Re: [AD] Buffer security patch
From: Ben Davis <bnd25@xxxxxxxxxx>
Date: Wed, 19 May 2004 15:49:40 +0100
Organization: Cambridge University

On Wednesday 19 May 2004 15:30, aj wrote:
> please can you educate me to this flaw, i am still using  strncpy()  but am
> still concerned about buffer issues.

strncpy() always writes precisely the number of bytes you pass to it. If 
possible, those bytes are all taken from the source string. If the source 
string is too short, then zeros are written.

An upshot is that if the source string is too long, the destination buffer 
will not contain a NUL byte at the end, so the string will be unterminated.

Ben

References:
- Re: [AD] Buffer security patch
  - From: aj

Messages sorted by: [ date | thread ]
Prev by Date: Re: [AD] Buffer security patch
Next by Date: Re: [AD] possible bug in override_config_file
Previous by thread: Re: [AD] Buffer security patch
Next by thread: Re: [AD] Buffer security patch

Mail converted by MHonArc 2.6.19+

http://listengine.tuxfamily.org/