Le 03/09/2012 16:46, bert a écrit : > On Mon, Sep 03, 2012 at 04:37:42PM +0200, rustyBSD wrote: >> /usr/src/sbin/disklabel/disklabel.c >> lines: 333 & 1092 & 1096 >> >> Is this me, or these strncpy() may cause off-by-one >> overflows ?
No i'm wrong, but it's still better to use strlcpy >> >> In an use like this: >> >> strncpy(a, b, sizeof(a)); >> >> the null terminator will be added beyond the end of >> a if b has the same size (or a larger size). >> >> Should use something like: >> >> strncpy(a, b, sizeof(a) - 1); >> > or, better yet, replaced by strlcpy(3)
