On Thu, Jul 9, 2026 at 12:04 AM Peter Eisentraut <[email protected]> wrote:
>
> On 08.07.26 21:24, Haibo Yan wrote:
> > I noticed a few places in ecpg that use strncpy() even though the code 
> > already
> > knows how many bytes to copy.
> >
> > For example, some paths copy N bytes into a temporary buffer and then add 
> > the
> > terminating NUL explicitly.  There is also one small substring copy in
> > pgtypeslib/datetime.c.  memcpy() seems a better fit for those cases.
>
> Why is it better?  At least strncpy() enforces that the target is a char
> array, which memcpy() doesn't.

Thank you. I should have explained that better.

I am not arguing that memcpy() is generally better for string handling.  The
sites I changed already have an explicit byte count, and some of them add the
terminating NUL immediately afterwards.  So they are not relying on strncpy()’s
padding behavior.

>
> At a quick glance, strlcpy() might be more suitable in some of the cases
> you found.
>

I don’t think strlcpy() fits these cases well.  It would reserve space for a
terminator, which would change exact-fit/truncation behavior in some output
paths.  It also treats the source as a NUL-terminated C string, while the ECPG
VARCHAR case is an arr/len buffer, not just a plain C string.

I left other strncpy() calls unchanged where the source may be shorter than the
fixed-size destination, because there the stop-at-NUL and padding behavior is
still useful.

Thanks,
Haibo


Reply via email to