Re: strncpy clarify result may not be null terminated

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: Alejandro Colomar <alx@xxxxxxxxxx>
Subject: Re: strncpy clarify result may not be null terminated
From: Paul Eggert <eggert@xxxxxxxxxxx>
Date: Thu, 9 Nov 2023 21:36:43 -0800
Cc: Jonny Grant <jg@xxxxxxxx>, Matthew House <mattlloydhouse@xxxxxxxxx>, linux-man <linux-man@xxxxxxxxxxxxxxx>, GNU C Library <libc-alpha@xxxxxxxxxxxxxx>
In-reply-to: <ZU1v-JKBP9iWXOOT@debian>
Organization: UCLA Computer Science Department
References: <aeb55af5-1017-4ffd-9824-30b43d5748e3@jguk.org> <ZUgl2HPJvUge7XYN@debian> <d40fffcb-524d-44b6-a252-b55a8ddc9fee@jguk.org> <ZUo6btEFD_z_3NcF@devuan> <20231108021240.176996-1-mattlloydhouse@gmail.com> <ZUvilH5kuQfTuZjy@debian> <20231109031345.245703-1-mattlloydhouse@gmail.com> <250e0401-2eaa-461f-ae20-a7f44d0bc5ad@jguk.org> <ZUzEw2j6gHF5WtsO@debian> <f10a21e1-570c-4166-b060-afb2de93aede@cs.ucla.edu> <ZU1v-JKBP9iWXOOT@debian>
User-agent: Mozilla Thunderbird

On 2023-11-09 15:48, Alejandro Colomar wrote:

I'd then just use strlen(3)+strcpy(3), avoiding
strncpy(3).

But that is vulnerable to the same denial-of-service attack that strlcpyis vulnerable to. You'd need strnlen+strcpy instead.

The strncpy approach I suggested is simpler, and (though this doesn'tmatter much in practice) is typically significantly faster thanstrnlen+strcpy in the typical case where the destination is a smallfixed-size buffer.

Although strncpy is not a good design, it's often simpler or faster orsafer than later "improvements".

Follow-Ups:
- Re: strncpy clarify result may not be null terminated
  - From: Alejandro Colomar
- Re: strncpy clarify result may not be null terminated
  - From: Jonny Grant

References:
- Re: strncpy clarify result may not be null terminated
  - From: Jonny Grant
- Re: strncpy clarify result may not be null terminated
  - From: Alejandro Colomar
- Re: strncpy clarify result may not be null terminated
  - From: Jonny Grant
- Re: strncpy clarify result may not be null terminated
  - From: Alejandro Colomar
- Re: strncpy clarify result may not be null terminated
  - From: Matthew House
- Re: strncpy clarify result may not be null terminated
  - From: Alejandro Colomar
- Re: strncpy clarify result may not be null terminated
  - From: Matthew House
- Re: strncpy clarify result may not be null terminated
  - From: Jonny Grant
- Re: strncpy clarify result may not be null terminated
  - From: Alejandro Colomar
- Re: strncpy clarify result may not be null terminated
  - From: Paul Eggert
- Re: strncpy clarify result may not be null terminated
  - From: Alejandro Colomar

Prev by Date: Re: strncpy clarify result may not be null terminated
Next by Date: Re: strncpy clarify result may not be null terminated
Previous by thread: Re: strncpy clarify result may not be null terminated
Next by thread: Re: strncpy clarify result may not be null terminated
Index(es):
- Date
- Thread

[Index of Archives] [Kernel Documentation] [Netdev] [Linux Ethernet Bridging] [Linux Wireless] [Kernel Newbies] [Security] [Linux for Hams] [Netfilter] [Bugtraq] [Yosemite News] [MIPS Linux] [ARM Linux] [Linux RAID] [Linux Admin] [Samba]