clayne at anodized.com
Sat Feb 17 02:47:47 UTC 2007
On Fri, Feb 16, 2007 at 09:19:51PM -0500, Watson Ladd wrote:
> I couldn't help but notice a strncpy in the diagrams. That's
> inefficient, and insecure. The reason is that strncpy fills the entire
> rest of the target string with \x00 but might not do it if the sizes
> differ. Use strlcpy instead! It's almost a drop in replacement, faster,
> and more secure.
> Watson Ladd

Without the visualizer itself it can be difficult to find the context just
by looking at a snapshot.

It's mainly being called from _tor_strndup(), from what I can see, which

/** Allocate and return a new string containing the first <b>n</b>
 * characters of <b>s</b>. If <b>s</b> is longer than <b>n</b>
 * characters, only the first <b>n</b> are copied. The result is
 * always NUL-terminated. (Like strndup(s,n), but never returns
_tor_strndup(const char *s, size_t n DMALLOC_PARAMS)
  dup = _tor_malloc((n+1) DMALLOC_FN_ARGS);
  /* Performance note: Ordinarily we prefer strlcpy to strncpy. But
   * this function gets called a whole lot, and platform strncpy is
   * much faster than strlcpy when strlen(s) is much longer than n.
  strncpy(dup, s, n);
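
The strncpy behaviour discussed in this thread, as an added example that is not part of the original post and is not Tor's code: strncpy pads short sources with NULs and writes no terminator when the source fills the buffer, which is why a strndup-style helper allocates n+1 bytes and terminates explicitly. The names dup_prefix and strncpy_nul_count are hypothetical, and the explicit terminator is an assumption based on the doc comment's "always NUL-terminated".

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper (not Tor's code): copy at most n bytes of s into a
 * fresh (n+1)-byte buffer. strncpy reads at most n bytes of s, so unlike
 * strlcpy (which must return strlen(s)) it never scans the rest of a long
 * source, and s need not be NUL-terminated within its first n bytes. */
char *dup_prefix(const char *s, size_t n)
{
    char *dup = malloc(n + 1);
    if (!dup)
        abort();
    strncpy(dup, s, n);  /* writes no NUL when s has n or more characters */
    dup[n] = '\0';       /* the extra byte guarantees a terminated result */
    return dup;
}

/* Count the NUL bytes strncpy leaves in an n-byte destination (n > 0).
 * 0 means the destination is NOT a valid C string; a short source yields
 * n - strlen(src) NULs because strncpy zero-fills the remainder. */
size_t strncpy_nul_count(const char *src, size_t n)
{
    char *dst = malloc(n);
    size_t i, nuls = 0;
    if (!dst)
        abort();
    memset(dst, 'X', n);             /* sentinel so untouched bytes show up */
    strncpy(dst, src, n);
    for (i = 0; i < n; i++)
        if (dst[i] == '\0')
            nuls++;
    free(dst);
    return nuls;
}

int main(void)
{
    const char raw[4] = { 'A', 'B', 'C', 'D' };  /* constructed: no NUL */
    char *p = dup_prefix(raw, sizeof raw);
    printf("short source, n=8: %zu NULs written\n", strncpy_nul_count("hi", 8));
    printf("source fills n=8:  %zu NULs written\n", strncpy_nul_count("exactly8", 8));
    printf("dup_prefix on unterminated input: \"%s\"\n", p);
    free(p);
    return 0;
}
```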