Why are strlcpy and strlcat considered insecure?

前端 未结 7 1038
一整个雨季
一整个雨季 2020-11-22 05:49

I understand that strlcpy and strlcat were designed as secure replacements for strncpy and strncat. However, some people

相关标签:
7条回答
  • 2020-11-22 06:38

    I think Ulrich and others think it'll give a false sense of security. Accidentally truncating strings can have security implications for other parts of the code (for example, if a file system path is truncated, the program might not be performing operations on the intended file).

    0 讨论(0)
提交回复
热议问题