Georg Baum wrote: >> Test code attached. I'm pretty sure that this is safe, but would >> value second opinions... > > IMHO you should use strncat and strncpy instead of strcat and > strcpy. I am not sure if strncat requires it, but strncpy does not > terminate the string correctly if it was too long, so > > fname[SIZE-1] = '\0'; > > is needed afterwards. This way too long names are just cut, > otherwise you may get buffer overflows. But I see that the original > code does use strcpy and strcat too, so it won't help much unless > that code is converted too. > > String manipulation in C is so nice ;-)
Isn't it just. Thanks for this, Georg. -- Angus
