1
Stenberg: No strcpy either
Daniel Stenberg has written a blog
post about the decision to ban the use strcpy()
in curl:
The main challenge with strcpy is that when using it we do not
specify the length of the target buffer nor of the source string. [...]
To make sure that the size checks cannot be separated from the copy
itself we introduced a string copy replacement function the other day
that takes the target buffer, target size,
source buffer and source string length as arguments
and only if the copy can be made and the null terminator also fits
there, the operation is done.
post about the decision to ban the use strcpy()
in curl:
The main challenge with strcpy is that when using it we do not
specify the length of the target buffer nor of the source string. [...]
To make sure that the size checks cannot be separated from the copy
itself we introduced a string copy replacement function the other day
that takes the target buffer, target size,
source buffer and source string length as arguments
and only if the copy can be made and the null terminator also fits
there, the operation is done.
Anonymous
No comments yet.