[erlang-patches] [PATCH] erl_call: fix multiple buffer overflows
Sun Aug 22 23:04:02 CEST 2010
On Sun, Aug 22, 2010 at 09:50:22PM +0200, Daniel N?ri wrote:
> Beware that strncpy (being broken by design) leaves off the
> terminating '\0' when the destination buffer isn't large enough, so
> you need to make sure that 'h_hostname' and 'host_name' are properly
> null-terminated here.
Thanks! You are right, of course. I was sure the final extra byte of
the buffer had been null terminated somewhere in the preceeding code ...
I'll send out an updated patch.
> Or see [*] for a better solution.
> [*] http://en.wikipedia.org/wiki/Strlcpy
strlcpy is cool, but unfortunately not so portable.
Thanks for catching that!
More information about the erlang-patches