Re: Usage of Secure C (memcpy_s, strcpy_s etc) functions on OpenSSL

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Michael Wojcik writes:

> Some C experts have argued that the length-checking versions of the library functions, either the C90 ones such as strncat or the Appendix K ones, are essentially pointless anyway; that the caller needs to handle truncation and so ought to know whether truncation (or overflow) would occur before attempting the operation.

Isn't this normally/easilly handled simply by passing sizeof( buffer ) -
1?  Then the last byte is always \0 whether or not the copy was truncated.



[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux