You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "Leif Hedstrom (JIRA)" <ji...@apache.org> on 2010/06/30 19:05:50 UTC
[jira] Commented: (TS-369) Add safer strlcat, strlcpy functions
instead strncat, strncpy ones
[ https://issues.apache.org/jira/browse/TS-369?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12883985#action_12883985 ]
Leif Hedstrom commented on TS-369:
----------------------------------
Is this complete? If so, please close.
> Add safer strlcat, strlcpy functions instead strncat, strncpy ones
> ------------------------------------------------------------------
>
> Key: TS-369
> URL: https://issues.apache.org/jira/browse/TS-369
> Project: Traffic Server
> Issue Type: Improvement
> Components: Core
> Reporter: Mladen Turk
> Assignee: Mladen Turk
> Priority: Minor
> Fix For: 2.1.2
>
> Attachments: strlfn.patch
>
>
> Currently we are using strncpy and strncat set of functions and their more secure ink_strncat, ink_strncpy versions that
> make the string is NUL terminated.
> Since we are mostly operating on stack buffers of known size use BSD str "l" variants that use total length of
> destination string as maximum number of chars to copy instead remaining of the string.
> This makes code more secure because one doesn't need to subtract already consume buffer
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.