[patch] abuse of strncpy

walter harms wharms at bfs.de
Fri Jun 2 12:46:58 UTC 2006


lets call it bb_strlcpy(), so there is less confusion.
re,
  wh

Tito wrote:
> On Friday 2 June 2006 10:07, walter harms wrote:
>> Hi Erik good catch,
>> if you are concerned about security why not use strlcpy() or a bb 
>> supplied bb_strlcpy() if its not available ?.
> Hi,
> In libbb we have it ;-)
> 
> /* Like strncpy but make sure the resulting string is always 0 terminated. */
> char * safe_strncpy(char *dst, const char *src, size_t size)
> {
> 	dst[size-1] = '\0';
> 	return strncpy(dst, src, size-1);
> }
> 
> 
>> "the result is always a valid NUL-terminated string that fits in the
>> buffer (unless, of course, the buffer size is zero)."
>>
>> strncpy() does not do it (IMHO: design error).
>> re,
>>   wh
>>
>> Erik Hovland wrote:
>>> package: busybox
>>> version: trunk (20060601)
>>>
>>> This patch addresses all of the uses of strncpy that I thought were
>>> abusive in that they allowed copy such that \0 termination could
>>> potentially be lost.
>>>



More information about the busybox mailing list