[GRASS5] str*() vs strn*() functions
rez at touchofmadness.com
Fri Aug 26 21:35:47 EDT 2005
On Sat, 2005-08-27 at 02:14 +0100, Glynn Clements wrote:
> Brad Douglas wrote:
> > > > Specifying the string length has security benefits.
> > >
> > > What is the problem with using strcmp specifically?
> > Buffer overflow attacks.
> I think you're getting confused with strcpy/strncpy. strcmp only reads
> the strings, it doesn't write anything so it can't cause a buffer
You are correct. Thank you for the reminder.
Brad Douglas <rez at touchofmadness.com>
More information about the grass-dev