diff options
| author | Jim Meyering | 2012-10-04 13:10:03 +0200 |
|---|---|---|
| committer | Anthony Liguori | 2012-10-05 14:58:38 +0200 |
| commit | 9b9e3ec1b47f615f635055924e24705cc3f45b20 (patch) | |
| tree | 951ed754f2d9093fe7680a86b470c1a1f6441dd2 | |
| parent | hw/r2d: add comment: this strncpy use is ok (diff) | |
| download | qemu-9b9e3ec1b47f615f635055924e24705cc3f45b20.tar.gz qemu-9b9e3ec1b47f615f635055924e24705cc3f45b20.tar.xz qemu-9b9e3ec1b47f615f635055924e24705cc3f45b20.zip | |
doc: update HACKING wrt strncpy/pstrcpy
Reword the section on strncpy: its NUL-filling is important
in some cases. Mention that pstrcpy's signature is different.
Signed-off-by: Jim Meyering <meyering@redhat.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
| -rw-r--r-- | HACKING | 9 |
1 files changed, 5 insertions, 4 deletions
@@ -91,10 +91,11 @@ emulators. 4. String manipulation -Do not use the strncpy function. According to the man page, it does -*not* guarantee a NULL-terminated buffer, which makes it extremely dangerous -to use. Instead, use functionally equivalent function: -void pstrcpy(char *buf, int buf_size, const char *str) +Do not use the strncpy function. As mentioned in the man page, it does *not* +guarantee a NULL-terminated buffer, which makes it extremely dangerous to use. +It also zeros trailing destination bytes out to the specified length. Instead, +use this similar function when possible, but note its different signature: +void pstrcpy(char *dest, int dest_buf_size, const char *src) Don't use strcat because it can't check for buffer overflows, but: char *pstrcat(char *buf, int buf_size, const char *s) |