On Wed, Apr 2, 2008 at 2:48 PM, Mike Erdely <[EMAIL PROTECTED]> wrote:
> -@@ -344,7 +344,7 @@ char *strdup( const char *s )
> -
> - if (result != NULL)
> - {
> -- strcpy( result, s );
> -+ strlcpy( result, s, sizeof(result) );
> - }
> -
> - return( result );
It seems worth pointing out that this patch is an example of
carelessly replacing strcpy with strlcpy. result here is a pointer,
not a fixed size array, so sizeof(result) just returns 4 or 8 instead
of the buffer size. (Of course, OpenBSD provides strdup in libc, so
this code isn't used, patched or not.)
