[GRASS5] str*() vs strn*() functions

Glynn Clements glynn at gclements.plus.com
Fri Aug 26 21:14:33 EDT 2005


Brad Douglas wrote:

> > > Specifying the string length has security benefits.
> > 
> > What is the problem with using strcmp specifically?
> 
> Buffer overflow attacks.

I think you're getting confused with strcpy/strncpy. strcmp only reads
the strings, it doesn't write anything so it can't cause a buffer
overflow.

-- 
Glynn Clements <glynn at gclements.plus.com>




More information about the grass-dev mailing list