Date: Mon, 17 Mar 1997 23:18:09 +0100 (MET) From: Guido van Rooij <guido@gvr.win.tue.nl> To: bde@zeta.org.au (Bruce Evans) Cc: eivind@freefall.freebsd.org, cvs-all@freefall.freebsd.org, CVS-committers@freefall.freebsd.org, cvs-lib@freefall.freebsd.org Subject: Re: cvs commit: src/lib/libtermcap tgoto.c Message-ID: <199703172218.XAA17493@gvr.win.tue.nl> In-Reply-To: <199703172107.IAA27478@godzilla.zeta.org.au> from Bruce Evans at "Mar 18, 97 08:07:04 am"
next in thread | previous in thread | raw e-mail | index | archive | help
> >Shouln't you \0-terminate the copied string? This was suggested in the > >same article. > > The string is terminated by strcpy. The article was talking about an > allegedly bad fix that used strncpy. strncpy is OK if the final byte > of the array is never changed from its intial value of 0. > > >Further, there is a strcpy on the end. That should also be fixed. > > No, it is correct, except for a minor bug in the overflow checking. > I sent private mail to Eivind about it. > > >I think the if statements should be something like: > >if (dp >= &result[MAXRETURNSIZE-1]) > > This would ensure space for the terminator, but the check at the end > already does that. What check? I don;t see any check. According to me, the complete buffer can now be filled with non-NUL bytes and afterwards even extended by sizeof(added). If added is "", then still the NUL would be one off. -Guido
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703172218.XAA17493>