You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@trafficserver.apache.org by "Leif Hedstrom (JIRA)" <ji...@apache.org> on 2010/07/09 22:39:52 UTC

[jira] Resolved: (TS-369) Add safer strlcat, strlcpy functions instead strncat, strncpy ones

     [ https://issues.apache.org/jira/browse/TS-369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Leif Hedstrom resolved TS-369.
------------------------------

    Resolution: Fixed

I'm closing this, please reopen if there is anything finished.

> Add safer strlcat, strlcpy functions instead strncat, strncpy ones
> ------------------------------------------------------------------
>
>                 Key: TS-369
>                 URL: https://issues.apache.org/jira/browse/TS-369
>             Project: Traffic Server
>          Issue Type: Improvement
>          Components: Core
>            Reporter: Mladen Turk
>            Assignee: Mladen Turk
>            Priority: Minor
>             Fix For: 2.1.2
>
>         Attachments: strlfn.patch
>
>
> Currently we are using strncpy and strncat set of functions and their more secure ink_strncat, ink_strncpy versions that
> make the string is NUL terminated.
> Since we are mostly operating on stack buffers of known size use BSD str "l" variants that use total length of
> destination string as maximum number of chars to copy instead remaining of the string.
> This makes code more secure because one doesn't need to subtract already consume buffer

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.