Hello, I have a structure that has an array of pointers. I would like to insert into the array digits in string format, i.e. "1", "2", etc.. However, is there any difference in using either sprintf or strncpy? Any big mistakes with my code? I know I have to call free, I will do that in another part of my code. Many thanks for any adv...
I am looking to find out why strncpy is considered insecure. Does anybody have any sort of documentation on this or examples of an exploit using it? ...
Hello, I am using the code below char call[64] = {'\0'} /* clean buffer */ strncpy(call, info.called, sizeof(call)); I always use the sizeof for the destination for protecting a overflow, incase source is greater than the destination. This way I can prevent a buffer overflow as it will only copy as much as the destination can handle....
Hello, I have decided to make a wrapper for strncpy as my source code requires me to do a lot of string copies. And I want to ensure that the string is terminated if the source is equal or greater than the destination. As this code will be used in production, so I just want to see if there are any potential dangers using this wrapper. ...
Edit: I've added the source for the example. I came across this example: char source[MAX] = "123456789"; char source1[MAX] = "123456789"; char destination[MAX] = "abcdefg"; char destination1[MAX] = "abcdefg"; char *return_string; int index = 5; /* This is how strcpy works */ printf("destination is originally = '%s'\n", destination); r...
strncpy supposedly protects from buffer overflows. But if it prevents an overflow without null terminating, in all likelyhood a subsequent string operation is going to overflow. So to protect against this I find myself doing strncpy( dest, src, LEN ); dest[LEN-1] = '\0'; man strncpy: The strncpy() function is similar, e...
I understand that strlcpy and strlcat were designed as secure replacements for strncpy and strncat, however some people are still of the opinion that they are insecure, and simply cause a different type of problem. http://en.wikipedia.org/wiki/Strlcpy#Criticism Can someone give an example of how using strlcpy or strlcat, i.e. a functio...
I have been chasing this bug around, and I just don't get it. Have I forgotten some basic C or something? ==28357== Conditional jump or move depends on uninitialised value(s) ==28357== at 0x4C261E8: strlen (mc_replace_strmem.c:275) ==28357== by 0x4E9280A: puts (ioputs.c:36) ==28357== by 0x400C21: handlePath (myshell.c:105) ==2...
So i am trying to read a text file line by line and save each line into a char array. From my printout in the loop I can tell it is counting the lines and the number of characters per line properly but I am having problems with strncpy. When I try to print the data array it only displays 2 strange characters. I have never worked with ...
Hi, I have a static variable declared in a file: static char *msgToUser[] = { "MSG1 ", "MSG2 ", }; Inside one of the methods of a class I'm doing this: void InfoUser::ModifyMsg( BYTE msgIdx, char *msgString ){ strncpy( msgToUser[ idx ], msgString, DISPLAY_SIZE ); } When I do the strncopy ...