changeset 1604:f057223498e4 draft

Remove more strncpy() calls. The semantics of strncat() and strncpy() are non-obvious, so let's not use 'em. Both zero all their remaining buffer space, and with strncat() the size is the space left at the _end_ of the string (not the size of the buffer) so it's way too easy to stomp memory you don't own. As long as we have to measure stuff ourselves to get it right, just use memcpy().
author Rob Landley <rob@landley.net>
date Sat, 13 Dec 2014 11:56:41 -0600
parents 51b7d1af353b
children c4c9267467f8
files lib/lib.c
diffstat 1 files changed, 3 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/lib/lib.c	Thu Dec 11 20:17:28 2014 -0600
+++ b/lib/lib.c	Sat Dec 13 11:56:41 2014 -0600
@@ -177,7 +177,7 @@
     if (len > 0) {
       *list = xmalloc(sizeof(struct string_list) + len + 1);
       (*list)->next = 0;
-      strncpy((*list)->str, new, len);
+      memcpy((*list)->str, new, len);
       (*list)->str[len] = 0;
       list = &(*list)->next;
     }
@@ -210,7 +210,8 @@
     if (!len) sprintf(rnext->str, "%s/%s", cwd, filename);
     else {
       char *res = rnext->str;
-      strncpy(res, path, len);
+
+      memcpy(res, path, len);
       res += len;
       *(res++) = '/';
       strcpy(res, filename);