Add comment about why safe_strncpy isn't replaced with strlcpy

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
author: Alan Coopersmith <alan.coopersmith@oracle.com> 2019-06-09 11:08:08 -0700
committer: Alan Coopersmith <alan.coopersmith@oracle.com> 2019-06-09 11:08:08 -0700
commit: 600d183bf6f6967b53a3f2a0e31e8d90a5c13f18 (patch)
tree: e59713d2e2c9bae36675b6d843d41bbb650bbc4a
parent: 5b403d124c32c20fddc73bc5ae3c7e1febdf1bc4 (diff)
1 files changed, 6 insertions, 0 deletions
diff --git a/sessreg.c b/sessreg.c
index 7725bcc..9680851 100644
--- a/sessreg.c
+++ b/sessreg.c
@@ -192,6 +192,12 @@ sysnerr (int x, const char *s)
 	return x;
 }
 
+/*
+ * While this looks like it could be replaced with strlcpy() on platforms
+ * that have it, we're sticking with strncpy() so that we zero out the
+ * whole buffer to avoid writing garbage to the fixed length fields in the
+ * utmp/wtmp files, since strlcpy() does not write past the \0 terminator.
+ */
 static void
 safe_strncpy(char *dest, const char *src, size_t n)
 {
author	Alan Coopersmith <alan.coopersmith@oracle.com>	2019-06-09 11:08:08 -0700
committer	Alan Coopersmith <alan.coopersmith@oracle.com>	2019-06-09 11:08:08 -0700
commit	600d183bf6f6967b53a3f2a0e31e8d90a5c13f18 (patch)
tree	e59713d2e2c9bae36675b6d843d41bbb650bbc4a
parent	5b403d124c32c20fddc73bc5ae3c7e1febdf1bc4 (diff)