bug-glibc

Re: strncpy() bug?


From: Mike Castle
Subject: Re: strncpy() bug?
Date: Tue, 19 Jun 2001 16:53:19 -0700
User-agent: Mutt/1.3.18i

On Tue, Jun 19, 2001 at 07:30:06PM -0400, William R. Pearson wrote:
> 
> I was surprised to find that on Linux (RH6.2, RH7.1) and Mac OSX systems, 
> the code:
> 
>   strncpy(str,sql_row[1],cnt-1);
> 
>   if (strlen(str) > cnt-1) {
>     fprintf(stderr,"*** How can this happen? %d/%d\n",
>             strlen(str),cnt-1);
>   }

This code is possibly broken.  strncpy does NOT place '\0' into the
destination if it doesn't see it in the source, as constrained by the
count.

One solution would be to use memset on str before the strncpy (I assume
that str is at least cnt bytes long, from your example).

I'm guessing sql_row is not null terminated.

To be honest, if strlen(str) > cnt-1, then I wouldn't be surprised if you
saw mysterious SEGFAULTS in your program due to accessing memory not in the
process space.

mrc
-- 
     Mike Castle      address@hidden      www.netcom.com/~dalgoda/
    We are all of us living in the shadow of Manhattan.  -- Watchmen
fatal ("You are in a maze of twisty compiler features, all different"); -- gcc
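The strncpy() behaviour discussed in this thread, as an added example that is not part of the original messages: when the source has at least as many bytes as the count, no '\0' is written, so the result depends on what the destination held before. The helper names, the 8-byte buffer, the 'X' fill and the sample strings are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Length of the string in buf, never reading past size bytes.
   Returns size itself when no '\0' is present (unterminated). */
static size_t bounded_len(const char *buf, size_t size)
{
    const char *nul = memchr(buf, '\0', size);
    return nul ? (size_t)(nul - buf) : size;
}

/* Pattern from the quoted code: strncpy with cnt-1 and nothing else.
   The 'X' fill models a buffer holding stale non-zero bytes (assumption). */
static size_t copy_unsafe(char *dst, size_t cnt, const char *src)
{
    memset(dst, 'X', cnt);
    strncpy(dst, src, cnt - 1);
    return bounded_len(dst, cnt);
}

/* Mitigation suggested in the reply: clear the buffer before copying. */
static size_t copy_memset(char *dst, size_t cnt, const char *src)
{
    memset(dst, 0, cnt);
    strncpy(dst, src, cnt - 1);
    return bounded_len(dst, cnt);
}

/* Alternative: write the terminator explicitly after the copy. */
static size_t copy_terminate(char *dst, size_t cnt, const char *src)
{
    memset(dst, 'X', cnt);
    strncpy(dst, src, cnt - 1);
    dst[cnt - 1] = '\0';
    return bounded_len(dst, cnt);
}

int main(void)
{
    char buf[8];
    const char *long_src = "constructed-long-value";  /* constructed input */

    printf("unsafe, long source : %zu of %zu\n",
           copy_unsafe(buf, sizeof buf, long_src), sizeof buf);
    printf("unsafe, short source: %zu\n", copy_unsafe(buf, sizeof buf, "abc"));
    printf("memset first        : %zu\n", copy_memset(buf, sizeof buf, long_src));
    printf("explicit terminator : %zu\n", copy_terminate(buf, sizeof buf, long_src));
    return 0;
}
```

A result equal to the buffer size means no terminator was found inside the buffer; calling strlen() on such a buffer would read past its end.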


