Re: No need for AV tools on Linux, eh?
- From: Ian Malone <ibmalone@xxxxxxxxx>
- Date: Fri, 18 Feb 2011 22:44:42 +0000
On 18 February 2011 19:13, Joe Zeff <joe@xxxxxxx> wrote:
On 02/18/2011 09:55 AM, Ian Malone wrote:
To derail discussion slightly, this doesn't really fix the problem,
just shifts it to a different place (keeping track of lengths and
dynamically handling data)
In a word, "NO." You know how big your buffer is so you only allow
strncpy() to copy that many bytes, throwing away any excess.
Used properly, yes you've avoided buffer overruns, used badly no.
strncpy(dest,src,strlen(src)+1)
Ridiculous? Yes. Never used in practice? I'd like to believe it.
strncpy has been in C since it was first standardised, but people
still write code that overflows.
--
imalone
--
users mailing list
users@xxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
- Follow-Ups:
- Re: No need for AV tools on Linux, eh?
- From: Joe Zeff
- Re: No need for AV tools on Linux, eh?
- References:
- Re: No need for AV tools on Linux, eh?
- From: James Mckenzie
- Re: No need for AV tools on Linux, eh?
- From: Joe Zeff
- Re: No need for AV tools on Linux, eh?
- From: Rick Stevens
- Re: No need for AV tools on Linux, eh?
- From: Ian Malone
- Re: No need for AV tools on Linux, eh?
- From: Joe Zeff
- Re: No need for AV tools on Linux, eh?
- Prev by Date: Launching metacity
- Next by Date: Re: No need for AV tools on Linux, eh?
- Previous by thread: Re: No need for AV tools on Linux, eh?
- Next by thread: Re: No need for AV tools on Linux, eh?
- Index(es):
Relevant Pages
|
