TFTP write() in 4.5.0 [PATCH]
Daniel Néri
dne at mayonnaise.net
Tue Jun 4 01:22:35 UTC 2002
"Vyacheslav V. Burdjanadze" <wr at zelax.ru> writes:
> + strncpy (full_path_name, new_name, sizeof(full_path_name));
Sorry, but here lies a bug. The correct idiom would be:
strncpy(full_path_name, new_name, sizeof(full_path_name) - 1);
full_path_name[sizeof(full_path_name) - 1] = '\0';
This is a common mistake, and one of the reasons why strlcpy/strlcat
were invented[*]. Unfortunately, they don't seem to have found their
way into newlib yet...
Best wishes,
--Daniel
[*] http://www.usenix.org/events/usenix99/millert.html
--
Daniel Neri
dne at mayonnaise.net
More information about the users
mailing list