[Asterisk-Dev] [RFC] strncpy -> ast_copy_string
Kristian Nielsen
kn at sifira.dk
Mon May 2 00:46:24 MST 2005
Steve Underwood <steveu at coppice.org> writes:
> Hey, they changed it. strncpy never used to do that :-\ I wonder if
> that was to avoid some security issues with what might have remained in
> the buffer. Whatever, I don't agree with changing the behaviour of
> well established functions. That sucks.
My copy of Kernighan and Ritchie "The C Programming Language" (second
edition, 1988) says:
    Copy at most n characters of string ct to s; return s. Pad with
    '\0's if t has fewer than n characters.
so I do not think that strncpy() changed. Rather, strncpy() has always
been broken, especially as regards the missing zero termination. I would
bet that there are several bugs lurking in Asterisk where a strncpy()
may leave a string without zero-termination, resulting in buffer
overruns later in the code.
- Kristian.
--
Kristian Nielsen kn at sifira.dk
Development Manager, Sifira A/S
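
The two strncpy() behaviours discussed in this message (zero padding, and no terminator when the source fills the buffer), as an added example that is not part of the original post and is not Asterisk's code. The helper `copy_terminated`, the 8-byte buffer and the sample strings are constructed for illustration; `copy_terminated` is a hypothetical stand-in for a copy that always terminates, not the implementation of ast_copy_string.

```c
#include <stdio.h>
#include <string.h>
#define BUFSZ 8 /* constructed buffer size for this demo */

/* Hypothetical helper (not Asterisk's ast_copy_string): copy at most
 * size-1 bytes, always terminate, return 1 if src did not fit. */
static int copy_terminated(char *dst, const char *src, size_t size)
{
    size_t i = 0;
    if (size == 0)
        return 1; /* no room even for the terminator */
    for (; i + 1 < size && src[i] != '\0'; i++)
        dst[i] = src[i];
    dst[i] = '\0';
    return src[i] != '\0';
}

/* strncpy() src into a BUFSZ buffer pre-filled with 'X' and count the
 * '\0' bytes left in it: 0 means the result is not a C string at all. */
static size_t nul_bytes_after_strncpy(const char *src)
{
    char buf[BUFSZ];
    size_t i, n = 0;
    memset(buf, 'X', sizeof buf);
    strncpy(buf, src, sizeof buf);
    for (i = 0; i < sizeof buf; i++)
        n += (buf[i] == '\0');
    return n;
}

/* Same buffer, terminating copy: string length, or (size_t)-1 if none. */
static size_t len_after_copy_terminated(const char *src, int *truncated)
{
    char buf[BUFSZ];
    memset(buf, 'X', sizeof buf);
    *truncated = copy_terminated(buf, src, sizeof buf);
    const char *end = memchr(buf, '\0', sizeof buf);
    return end ? (size_t)(end - buf) : (size_t)-1;
}

int main(void)
{
    int t;
    size_t len = len_after_copy_terminated("12345678", &t);
    printf("strncpy: %zu NULs (8-char source), %zu NULs (3-char source)\n",
           nul_bytes_after_strncpy("12345678"), nul_bytes_after_strncpy("abc"));
    printf("terminating copy: len %zu, truncated %d\n", len, t);
    return 0;
}
```

The truncation flag lets a caller treat a too-long input as an error instead of silently using a shortened string.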