[Bf-committers] fix to #2117
Douglas Toltzman
doug at oakstreetsoftware.com
Tue Jan 25 02:42:59 CET 2005
You are missing Alexander's point completely.
The safe use of BLI_strncpy would be something like this;
char buffer[80];
BLI_strncpy(buffer,name,sizeof(buffer));
But the code in question used "strlen(name)+1" for the copy length where
name could be longer than what will fit in the target buffer, and could
cause a buffer overflow. When used this way, strcpy(buffer,name) would
perform EXACTLY the same function.
Some things are just so obvious, they are easy to overlook.
Douglas Toltzman
Hubert, NC
On Mon, 24 Jan 2005, Joilnen Batista Leite wrote:
> humm !
> i think that BLI_strncpy not copy more than maxncpy,
> so it is more secure than strcpy
>
> Joilnen
-- snip --
> > However, it still doesn't change the fact that the
> > call
> >
> > BLI_strncpy( self->name, name, strlen( name ) + 1 );
> >
> > is fully equivalent to:
> >
> > strcpy(self->name, name);
> >
> > | alexander ewering instinctive
> > mediaworks
> > | ae[@]instinctive[.]de
> > http://www[.]instinctive[.]de
More information about the Bf-committers
mailing list