diff options
author | Jim Meyering <meyering@redhat.com> | 2012-10-04 13:10:03 +0200 |
---|---|---|
committer | Anthony Liguori <aliguori@us.ibm.com> | 2012-10-05 07:58:38 -0500 |
commit | 9b9e3ec1b47f615f635055924e24705cc3f45b20 (patch) | |
tree | 951ed754f2d9093fe7680a86b470c1a1f6441dd2 | |
parent | 9310b9be14f73d4c1e98bfa315fe84326ad9e8e7 (diff) |
doc: update HACKING wrt strncpy/pstrcpy
Reword the section on strncpy: its NUL-filling is important
in some cases. Mention that pstrcpy's signature is different.
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
-rw-r--r-- | HACKING | 9 |
1 files changed, 5 insertions, 4 deletions
@@ -91,10 +91,11 @@ emulators. 4. String manipulation -Do not use the strncpy function. According to the man page, it does -*not* guarantee a NULL-terminated buffer, which makes it extremely dangerous -to use. Instead, use functionally equivalent function: -void pstrcpy(char *buf, int buf_size, const char *str) +Do not use the strncpy function. As mentioned in the man page, it does *not* +guarantee a NULL-terminated buffer, which makes it extremely dangerous to use. +It also zeros trailing destination bytes out to the specified length. Instead, +use this similar function when possible, but note its different signature: +void pstrcpy(char *dest, int dest_buf_size, const char *src) Don't use strcat because it can't check for buffer overflows, but: char *pstrcat(char *buf, int buf_size, const char *s) |