X-MimeOLE: Produced By Microsoft Exchange V6.5
Received: by onstor-exch02.onstor.net 
	id <01C85A0A.64A70AE0@onstor-exch02.onstor.net>; Fri, 18 Jan 2008 12:43:26 -0700
MIME-Version: 1.0
Content-Type: text/plain;
	charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Content-class: urn:content-classes:message
Subject: RE: Use strlcpy instead of strncpy
Date: Fri, 18 Jan 2008 12:43:26 -0700
Message-ID: <BB375AF679D4A34E9CA8DFA650E2B04E07BC01C9@onstor-exch02.onstor.net>
In-Reply-To: <20080118113553.6aa281e9@ripper.onstor.net>
X-MS-Has-Attach: 
X-MS-TNEF-Correlator: 
Thread-Topic: Use strlcpy instead of strncpy
Thread-Index: AchaCVZhsdaCiaJwSbiaP+0xFG9SywAAMYJw
References: <BB375AF679D4A34E9CA8DFA650E2B04E038F8F00@onstor-exch02.onstor.net> <20080118113553.6aa281e9@ripper.onstor.net>
From: "Maxim Kozlovsky" <maxim.kozlovsky@onstor.com>
To: "Andy Sharp" <andy.sharp@onstor.com>,
	"James Kahn" <james.kahn@onstor.com>
Cc: "dl-Software" <dl-software@onstor.com>

Just make sure that you are aware about subtle differences between
strlcpy and strncpy and don't just go around blindly replacing one with
another.

The strncpy() will zero-fill the remainder of the buffer, while
strlcpy() will not.

Strlcpy() requires true "c" string, while strncpy() does not.

>-----Original Message-----
>From: Andy Sharp
>Sent: Friday, January 18, 2008 11:36 AM
>To: James Kahn
>Cc: dl-Software
>Subject: Re: Use strlcpy instead of strncpy
>
>On Fri, 18 Jan 2008 11:31:12 -0800 "James Kahn" <james.kahn@onstor.com>
>wrote:
>
>> I thought I'd mention that a more efficient string function exists
for
>> dealing with strncpy()
>> Coverity limitations, strlcpy().  Strlcpy always NULL terminates the
>> destination string
>> unlike strncpy() which will not NULL terminate if the source string
is
>> bigger than the
>> destination string.
>>
>> Here is the Converity band-aid, that has been been used to date:
>>         strncpy(asCfg.to, entry->value, sizeof(asCfg.to) - 1);
>>         asCfg.to[sizeof(asCfg.to) - 1] =3D '\0';
>>
>> Following is the strlcpy() solution:
>>         strlcpy(asCfg.to, entry->value, sizeof(asCfg.to));
>>
>>
>> fyi,
>> --Jim
>
>Thanks for informing on this one, Jim.  I've always hated the strncpy
>semantics and despaired at the 5 trillion instances of code like your
>example.
>
>Cheers,
>
>a
