Re: strncpy is not a safe version of strcpy

On 2013-11-15 04:21:50 +0100, Tomas Vondra wrote:
> Hmm, you mean this piece of code?
> 
>    strncpy(saved_argv0, argv[0], MAXPGPATH);
> 
> IMHO you're right that's probably broken, unless there's some checking
> happening before the call.

FWIW, argv0 is pretty much guaranteed to be shorter than MAXPGPATH since
MAXPGPATH is the longest a path can be, and argv[0] is either the executable's
name (if executed via PATH) or the path to the executable.
Now, you could probably write a program to exeve() a binary with argv[0]
being longer, but in that case you can also just put garbage in there.

Greetings,

Andres Freund

-- Andres Freund                       http://www.2ndQuadrant.com/PostgreSQL Development, 24x7 Support, Training &
Services