At Mon, 22 Mar 2010 08:43:47 -0700, Joe Perches wrote: > > On Mon, 2010-03-22 at 18:39 +0300, Dan Carpenter wrote: > > card->driver is 15 characters and a NULL, the original code could > > cause a buffer overflow. > > > In version 2, I used a better name that Takashi Iwai suggested. > > Perhaps it's better to use strncpy as well. strlcpy() would be safer :) But, in such a case, we want rather that the error is notified at build time. Maybe a macro like below would be helpful to catch such bugs? #define COPY_STRING(buf, src) \ do { \ if (__builtin_constant_p(src)) \ BUILD_BUG_ON(strlen(src) >= sizeof(buf)); \ strcpy(buf, src); \ } while (0) and used like: struct foo { char foo[5]; } x; COPY_STRING(x.foo, "OK"); // OK COPY_STRING(x.foo, "1234567890"); // NG Takashi -- To unsubscribe from this list: send the line "unsubscribe linux-media" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html