Date: Mon, 16 Dec 1996 13:58:40 -0800 From: Scott Blachowicz <scott@statsci.com> To: J Wunsch <j@uriah.heep.sax.de> Cc: freebsd-chat@freebsd.org Subject: Re: crontab security hole Message-ID: <m0vZl3Y-0003xJC@main.statsci.com> In-Reply-To: Your message of "Mon, 16 Dec 1996 21:51:12 %2B0100." <199612162051.VAA08770@uriah.heep.sax.de> References: <199612162051.VAA08770@uriah.heep.sax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
J Wunsch <j@uriah.heep.sax.de> wrote: > Haven't any of you ever heard of the ugly misdesign of strn{cat,cpy}() > to not delimit your string if it's reaching the end? I think this is > violating the principle of least surprise... since they still have the > `str' in the name, not `mem'. I agree with you, but on the other hand, it's not THAT hard to code it like this: char dest[N+1]; strncpy (dest, src, N); *(dest+N) = 0; Scott Blachowicz Ph: 206/283-8802x240 Mathsoft (Data Analysis Products Div) 1700 Westlake Ave N #500 scott@statsci.com Seattle, WA USA 98109 Scott.Blachowicz@seaslug.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?m0vZl3Y-0003xJC>