[prev in list] [next in list] [prev in thread] [next in thread]
List: openvas-development
Subject: Re: [Openvas-devel] [Openvas-commits] r694 -
From: Lmwangi <labeneator () gmail ! com>
Date: 2008-03-03 13:08:21
Message-ID: 1e6e35b60803030508s41b38408nd438f8ae93b21045 () mail ! gmail ! com
[Download RAW message or body]
On Mon, Mar 3, 2008 at 2:41 PM, Bernhard Herzog <bh@intevation.de> wrote:
> 1. Different guarantees regarding the terminating null character.
>
> strcpy also copies the terminating null character. The strncpy call
> doesn't because it always copies exactly the number of characters
> given in the third parameter and strlen doesn't count the terminating null.
Wow! I never saw that...
> 2. The size parameter should indicate how much space is left in dest.
> Obviously, simply using strlen(src) as the size defeats its purpose.
True..
in all, I think the changes (rev. 694 and 687) actually lower the
> quality of the code. The original strcpy calls were not wrong, so a
> simple /* Flawfinder: ignore */ comment would have sufficed. It would also
> have the advantage that we can later tell flawfinder to ignore those
> comments to get it to recheck the code.
OK, will do this instead.
Thanks
_______________________________________________
Openvas-devel mailing list
Openvas-devel@wald.intevation.org
http://lists.wald.intevation.org/mailman/listinfo/openvas-devel
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic