Date: Fri, 04 Aug 2000 15:33:07 -0600 From: Warner Losh <imp@village.org> To: Kris Kennaway <kris@hub.freebsd.org> Cc: audit@FreeBSD.ORG Subject: Re: ether_line() patch Message-ID: <200008042133.PAA13109@harmony.village.org> In-Reply-To: Your message of "Fri, 04 Aug 2000 14:27:59 PDT." <Pine.BSF.4.21.0008041423330.68512-100000@hub.freebsd.org> References: <Pine.BSF.4.21.0008041423330.68512-100000@hub.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
In message <Pine.BSF.4.21.0008041423330.68512-100000@hub.freebsd.org> Kris Kennaway writes: : On Fri, 4 Aug 2000, Warner Losh wrote: : : > This is incorrect too. It should be buf[sizeof(buf) - 1] = '\0'; : > because the valid range of buf is [0..sizeof(buf) - 1]. You don't : > need the -1 on strncpy, but that's a style issue. The post conditions : > are identical with it or without it: : : Oops again :) : : This change was just intended to be the above style : issue/micro-optimization (until I noticed the real bug in the old code). : In this case sizeof(buf) - 1 should still be correctly optimized by the : compiler since it's a compile-time constant, right? Yes. Just pointing out that each optimization might have other, unintended effects. Usually, I do the following stylaistically: strncpy(dst, src, X); dst[X] = '\0'; where X is the size of the buffer minus 1. This goes to show how right Theo de Raadt was with his strlcpy API change :-). Getting this right is too tedious to be left to the user. Warner To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008042133.PAA13109>