On Mon, 2010-06-28, Kushal Kumaran wrote: > On Mon, Jun 28, 2010 at 2:00 AM, Jorgen Grahn <grahn+n...@snipabacken.se> > wrote: >> On Sun, 2010-06-27, Lawrence D'Oliveiro wrote: >>> In message <roy-854954.20435125062...@news.panix.com>, Roy Smith wrote: >>> >>>> I recently fixed a bug in some production code. The programmer was >>>> careful to use snprintf() to avoid buffer overflows. The only problem >>>> is, he wrote something along the lines of: >>>> >>>> snprintf(buf, strlen(foo), foo); >>> >>> A long while ago I came up with this macro: >>> >>> #define Descr(v) &v, sizeof v >>> >>> making the correct version of the above become >>> >>> snprintf(Descr(buf), foo); >> >> This is off-topic, but I believe snprintf() in C can *never* safely be >> the only thing you do to the buffer: you also have to NUL-terminate it >> manually in some corner cases. See the documentation. > > snprintf goes to great lengths to be safe, in fact. You might be > thinking of strncpy.
Yes, it was indeed strncpy I was thinking of. Thanks. But actually, the snprintf(3) man page I have is not 100% clear on this issue, so last time I used it, I added a manual NUL-termination plus a comment saying I wasn't sure it was needed. I normally use C++ or Python, so I am a bit rusty on these things. /Jorgen -- // Jorgen Grahn <grahn@ Oo o. . . \X/ snipabacken.se> O o . -- http://mail.python.org/mailman/listinfo/python-list
