You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@trafficserver.apache.org by "Mladen Turk (JIRA)" <ji...@apache.org> on 2010/05/24 09:25:24 UTC
[jira] Updated: (TS-369) Add safer strlcat, strlcpy functions
instead strncat, strncpy ones
[ https://issues.apache.org/jira/browse/TS-369?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Mladen Turk updated TS-369:
---------------------------
Attachment: strlfn.patch
Patch implementing strlncat for non-BSD platforms and couple of replacements of strncat functions
> Add safer strlcat, strlcpy functions instead strncat, strncpy ones
> ------------------------------------------------------------------
>
> Key: TS-369
> URL: https://issues.apache.org/jira/browse/TS-369
> Project: Traffic Server
> Issue Type: Improvement
> Components: Core
> Reporter: Mladen Turk
> Assignee: Mladen Turk
> Priority: Minor
> Fix For: 2.1.0
>
> Attachments: strlfn.patch
>
>
> Currently we are using strncpy and strncat set of functions and their more secure ink_strncat, ink_strncpy versions that
> make the string is NUL terminated.
> Since we are mostly operating on stack buffers of known size use BSD str "l" variants that use total length of
> destination string as maximum number of chars to copy instead remaining of the string.
> This makes code more secure because one doesn't need to subtract already consume buffer
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.