On 27/10/2018 19.38, Steve Litt wrote:

> I say: You must use strncpy()/strncat() because strcpy()/strcat() are
>     soooooo old.

>
> What's it been now, 30 years since the strn versions of those
> commands have been around? You'd think they'd have taken that in and
> adopted it by now. But nooooooooooooooooooooooooo!

strcpy/strcat can be used safely if the length of the strings beforehand
is checked properly. I've seen people changing perfectly fine code
because some tool warned about functions being unsave, and then
introducing bugs in the process I had to fix afterwards. There was an
instance where some combination of strlen and strcpy was replaced by a
strncpy, and of course they forgot that strncpy doesn't add the null
byte if the buffer is full, and they missed that it fills the remaining
buffer with null bytes otherwise too. Sure strcpy is dangerous, but
strncpy isn't any better either. In fact, most things in c involving
pointers and/or arrays are dangerous to do, it's easy to misunderstand
semantics and intent of such code.

I think strlcpy/strlcat are the functions which are the easiest to not
use wrongly, but sadly they are non-standard, and even with those,
people will still manage to make mistakes.


Regards,

Daniel Abrecht