From: | Kevin Grittner <kgrittn(at)ymail(dot)com> |
---|---|
To: | Tomas Vondra <tv(at)fuzzy(dot)cz>, David Rowley <dgrowleyml(at)gmail(dot)com> |
Cc: | PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
Subject: | Re: strncpy is not a safe version of strcpy |
Date: | 2013-11-15 14:32:48 |
Message-ID: | 1384525968.71775.YahooMailNeo@web162905.mail.bf1.yahoo.com |
Views: | Raw Message | Whole Thread | Download mbox | Resend email |
Thread: | |
Lists: | pgsql-hackers |
Tomas Vondra <tv(at)fuzzy(dot)cz> wrote:
> On 15 Listopad 2013, 1:00, David Rowley wrote:
>> more focused on trying to draw a bit of attention to commit
>> 061b88c732952c59741374806e1e41c1ec845d50 which uses strncpy and
>> does not properly set the last byte to 0 afterwards. I think
>> this case could just be replaced with strlcpy which does all
>> this hard work for us.
>
> Hmm, you mean this piece of code?
>
> strncpy(saved_argv0, argv[0], MAXPGPATH);
>
> IMHO you're right that's probably broken, unless there's some
> checking happening before the call.
I agree, and there is no such checking. Fix pushed.
--
Kevin Grittner
EDB: http://www.enterprisedb.com
The Enterprise PostgreSQL Company
From | Date | Subject | |
---|---|---|---|
Next Message | Stephen Frost | 2013-11-15 14:33:17 | Re: SSL renegotiation |
Previous Message | Peter Eisentraut | 2013-11-15 14:30:51 | Re: Race condition in b-tree page deletion |