Commit 9b9e3ec1 authored by Jim Meyering's avatar Jim Meyering Committed by Anthony Liguori

doc: update HACKING wrt strncpy/pstrcpy

Reword the section on strncpy: its NUL-filling is important
in some cases.  Mention that pstrcpy's signature is different.
Signed-off-by: default avatarJim Meyering <meyering@redhat.com>
Signed-off-by: default avatarAnthony Liguori <aliguori@us.ibm.com>
parent 9310b9be
......@@ -91,10 +91,11 @@ emulators.
4. String manipulation
Do not use the strncpy function. According to the man page, it does
*not* guarantee a NULL-terminated buffer, which makes it extremely dangerous
to use. Instead, use functionally equivalent function:
void pstrcpy(char *buf, int buf_size, const char *str)
Do not use the strncpy function. As mentioned in the man page, it does *not*
guarantee a NULL-terminated buffer, which makes it extremely dangerous to use.
It also zeros trailing destination bytes out to the specified length. Instead,
use this similar function when possible, but note its different signature:
void pstrcpy(char *dest, int dest_buf_size, const char *src)
Don't use strcat because it can't check for buffer overflows, but:
char *pstrcat(char *buf, int buf_size, const char *s)
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment