Eric Sunshine <sunshine@xxxxxxxxxxxxxx> writes: > Also, if 'buf' is indeed unconditionally NUL-terminated, then the (sp > <= buf + size) check is wasted code since the result of strstr() will > always be either NULL or pointing somewhere within the NUL-terminated > string. A caller can give a buf that is NUL terminated but specify that the only early part of the buffer to be used by giving you a shorter size, no? In such a case, strstr() is safe in the sense that it is guaranteed not to go on forever, but you need to verify the location of the string it found is within the bounds. -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html