2010.07.08 16:25 "[Tiff] strlcpy vs strncpy", by Bob Friesenhahn

2010.07.12 19:30 "[Tiff] strncpy in tiffcrop", by Richard Nolde

Message: 1
> Date: Sun, 11 Jul 2010 13:36:30 -0400 (EDT)
> From: "Edward Lam"<edward@sidefx.com>
> Subject: Re: [Tiff] strlcpy vs strncpy

I only see problematic uses of strncpy in tiffcrop. The other uses of strncpy (tiff2pdf, tiffsplit) use the common practice of explicitly NUL terminating the destination buffer immediately afterwards (ie. perform truncation).

I'm usually pretty careful to make sure that the buffer is large enough to hold the original string plus the terminating NULL, but I'll check the code when I get a chance.

You may want to look at tiffcp as well (which I do not maintain).

Richard Nolde

I don't see any problems with switching to use of strlcpy() as a means to ensure safer (even if not ideal) behaviour. As long as this is a better than nothing solution. :)

> ------------------------------

> Tiff mailing list

> End of Tiff Digest, Vol 74, Issue 6
> ***********************************