LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 23, 2013

An "enum" for Python 3

An unexpected perf feature

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

The ups and downs of strlcpy()

The ups and downs of strlcpy()

Posted Jul 20, 2012 20:31 UTC (Fri) by bronson (subscriber, #4806)
In reply to: The ups and downs of strlcpy() by jimparis
Parent article: The ups and downs of strlcpy()

Yes, but is libc told how the string is being used? No.

So what's the only safe thing for libc to do when it notices that initial conditions are invalid?

(Log in to post comments)

The ups and downs of strlcpy()

Posted Jul 21, 2012 4:19 UTC (Sat) by cmccabe (guest, #60281) [Link]

libc can't "notice that the conditions are invalid," because C IS NOT A MANAGED LANGUAGE.

We all make copy and paste errors and all other things being equal, long, hard to inspect C code is less secure than short and clear code.

The ups and downs of strlcpy()

Posted Jul 25, 2012 2:00 UTC (Wed) by bronson (subscriber, #4806) [Link]

You don't need a managed language to make strlcpy abort instead of truncating.

I agree with the rest of your comment.

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds