From 600d183bf6f6967b53a3f2a0e31e8d90a5c13f18 Mon Sep 17 00:00:00 2001
From: Alan Coopersmith <alan.coopersmith@oracle.com>
Date: Sun, 9 Jun 2019 11:08:08 -0700
Subject: Add comment about why safe_strncpy isn't replaced with strlcpy

Signed-off-by: Alan Coopersmith <alan.coopersmith@oracle.com>
---
 sessreg.c | 6 ++++++
 1 file changed, 6 insertions(+)

diff --git a/sessreg.c b/sessreg.c
index 7725bcc..9680851 100644
--- a/sessreg.c
+++ b/sessreg.c
@@ -192,6 +192,12 @@ sysnerr (int x, const char *s)
 	return x;
 }
 
+/*
+ * While this looks like it could be replaced with strlcpy() on platforms
+ * that have it, we're sticking with strncpy() so that we zero out the
+ * whole buffer to avoid writing garbage to the fixed length fields in the
+ * utmp/wtmp files, since strlcpy() does not write past the \0 terminator.
+ */
 static void
 safe_strncpy(char *dest, const char *src, size_t n)
 {
-- 
cgit v1.2.3