Re: strncpy is not a safe version of strcpy
| От | Noah Misch |
|---|---|
| Тема | Re: strncpy is not a safe version of strcpy |
| Дата | |
| Msg-id | 20140816032655.GA361872@tornado.leadboat.com обсуждение исходный текст |
| Ответ на | Re: strncpy is not a safe version of strcpy (David Rowley <dgrowleyml@gmail.com>) |
| Ответы |
Re: strncpy is not a safe version of strcpy
|
| Список | pgsql-hackers |
On Sat, Aug 16, 2014 at 10:38:39AM +1200, David Rowley wrote: > On Thu, Aug 14, 2014 at 4:13 PM, Noah Misch <noah@leadboat.com> wrote: > > > I share your (Kevin's) discomfort with our use of strlcpy(). I wouldn't > > mind > > someone replacing most strlcpy()/snprintf() calls with calls to wrappers > > that > > ereport(ERROR) on truncation. Though as reliability problems go, this one > > has > > been minor. > > > > > Or maybe it would be better to just remove the restriction and just palloc > something of the correct size? > Although, that sounds like a much larger patch. I'd vote that the strlcpy > should be used in the meantime. I agree that, in principle, dynamic allocation might be better still. I also agree that it would impose more code churn, for an awfully-narrow benefit. Barring objections, I will commit your latest patch with some comments about why truncation is harmless for those two particular calls. -- Noah Misch EnterpriseDB http://www.enterprisedb.com
В списке pgsql-hackers по дате отправления: