[patch] abuse of strncpy

walter harms wharms at bfs.de
Mon Jun 5 03:55:02 PDT 2006


Just for my curiosity, "different semantics and functionality" ?

man strlcpy() says:
	 size_t strlcpy (char * dest, const char * src, size_t size);

while strncpy:
	char *strncpy(char *dest, const char *src, size_t n);

A grep over busybox (some older version) shows that the return value is
actually used only once.

The bb_strlcpy() is only used for systems that do not provide a strlcpy 
by themselves (perhaps this can be dropped).

re,
  wh





Peter Kjellerstedt wrote:
>> -----Original Message-----
>> From: busybox-bounces at busybox.net 
>> [mailto:busybox-bounces at busybox.net] On Behalf Of Tito
>> Sent: Friday, June 02, 2006 14:20
>> To: busybox at busybox.net; wharms at bfs.de
>> Subject: Re: [patch] abuse of strncpy
>>
>> On Friday 2 June 2006 10:07, walter harms wrote:
>>> Hi Erik good catch,
>>> if you are concerned about security why not use strlcpy() or a bb 
>>> supplied bb_strlcpy() if it's not available?
>> Hi,
>> In libbb we have it ;-)
>>
>> /* Like strncpy but make sure the resulting string is always 
>> 0 terminated. */
>> char * safe_strncpy(char *dst, const char *src, size_t size)
>> {
>> 	dst[size-1] = '\0';
>> 	return strncpy(dst, src, size-1);
>> }
> 
> Is it just me that finds the name safe_strncpy() somewhat misleading
> when looking at its implementation? What if size == 0?
> 
> I would suggest it is changed to the following:
> 
> char * safe_strncpy(char *dst, const char *src, size_t size)
> {
> 	if (!size) {
> 		return dst;
> 	} else {
> 		dst[size-1] = '\0';
> 		return strncpy(dst, src, size-1);
> 	}
> }
> 
> And on the related subject of renaming the above function to
> bb_strlcpy(), that would be totally misleading, as strlcpy() has
> totally different semantics and functionality.
> 
> //Peter
> 
> 
> 
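The difference in semantics the thread refers to, as an added example that is not part of the original messages or of busybox: a strncpy()-based wrapper returns `dst` and NUL-pads the whole buffer, while a strlcpy()-style copy returns `strlen(src)`, which lets the caller detect truncation. All `demo_*` names are hypothetical, and `demo_strlcpy` is a local stand-in written on the assumption that the C library may not ship strlcpy().

```c
#include <stdio.h>
#include <string.h>

/* Size-checked variant proposed in the thread, renamed for this example. */
static char *demo_safe_strncpy(char *dst, const char *src, size_t size)
{
	if (!size)
		return dst;
	dst[size - 1] = '\0';
	return strncpy(dst, src, size - 1);  /* returns dst, NUL-pads the tail */
}

/* Stand-in with BSD strlcpy() semantics (hypothetical name; assumes libc may
 * lack strlcpy): copy at most size-1 bytes, terminate, return strlen(src). */
static size_t demo_strlcpy(char *dst, const char *src, size_t size)
{
	size_t len = strlen(src);
	if (size) {
		size_t n = len < size - 1 ? len : size - 1;
		memcpy(dst, src, n);
		dst[n] = '\0';
	}
	return len;
}

/* 1 if src did not fit; only the strlcpy-style return value reveals this. */
static int demo_truncated(char *dst, const char *src, size_t size)
{
	return demo_strlcpy(dst, src, size) >= size;
}

/* Count bytes of buf that still hold the fill pattern after a copy. */
static size_t demo_untouched(const char *buf, size_t size, char fill)
{
	size_t i, n = 0;
	for (i = 0; i < size; i++)
		n += (buf[i] == fill);
	return n;
}

int main(void)
{
	char a[8], b[8];                       /* constructed sample buffers */
	memset(a, 'X', sizeof a);
	memset(b, 'X', sizeof b);
	demo_safe_strncpy(a, "hi", sizeof a);  /* rewrites all 8 bytes */
	demo_strlcpy(b, "hi", sizeof b);       /* writes only 'h', 'i', NUL */
	printf("untouched: strncpy-based=%zu strlcpy-style=%zu\n",
	       demo_untouched(a, sizeof a, 'X'), demo_untouched(b, sizeof b, 'X'));
	printf("truncated=%d\n", demo_truncated(b, "busybox-1.2", sizeof b));
}
```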

