Date: Fri, 26 Oct 2001 11:42:19 -0400 (EDT) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: "Andrew R. Reiter" <arr@watson.org> Cc: freebsd-bugs@FreeBSD.ORG Subject: Re: bin/31507: Risk of buffer overflow in struct sockaddr_un Message-ID: <200110261542.f9QFgJZ71206@khavrinen.lcs.mit.edu> In-Reply-To: <Pine.NEB.3.96L.1011026113237.88071B-100000@fledge.watson.org> References: <200110261520.f9QFK1e07958@freefall.freebsd.org> <Pine.NEB.3.96L.1011026113237.88071B-100000@fledge.watson.org>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Fri, 26 Oct 2001 11:34:21 -0400 (EDT), "Andrew R. Reiter" <arr@watson.org> said: > Does this handle off-by-one situations? Also, in terms of using strncpy, > would it be more wise to utilize strlcpy() rather than a > strncpy()/buf[sizeof(buf)-1] = 0; throughout the tree? Or has strlcpy() > had some negative feedback? strlcpy() is non-portable, and in any case the kernel takes care of null-termination. (In FreeBSD it is actually permissible to use a larger buffer; see kern/uipc_usrreq.c:unp_bind(). Portable applications cannot depend on this.) -GAWollman To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200110261542.f9QFgJZ71206>