Announcement

Collapse
No announcement yet.

Proof that strlcpy is un-needed

Collapse
X
  • Filter
  • Time
  • Show
Clear All
new posts

  • Proof that strlcpy is un-needed

    Code:
    #include <stdio.h>
    #include <stdlib.h>
    #include <string.h>
    
    int main(int argc, char *argv[]){
            char *input = argv[1];
            char *str;
    
            str = malloc(strlen(input)*sizeof(char));
            strcpy(str,input);
            printf("%s\n",str);
    }

  • #2
    Linus Torvalds and the Linux kernel developers do not care. In fact, so little do they care about your 'proof' that they added strlcpy() to the Linux kernel over 11 years ago.

    Comment


    • #3
      BTW, you do realize you have a buffer overflow in that code, don't you?

      Comment


      • #4
        Originally posted by endman View Post
        Code:
        #include <stdio.h>
        #include <stdlib.h>
        #include <string.h>
        
        int main(int argc, char *argv[]){
                char *input = argv[1];
                char *str;
        
                str = malloc(strlen(input)*sizeof(char));
                strcpy(str,input);
                printf("%s\n",str);
        }
        Malloc in the kernel is evil!

        Code:
        #include <stdio.h>
        #include <stdlib.h>
        #include <string.h>
        
        int main(int argc, char *argv[]){
                char *input = argv[1];
                char str[100];
        
                strcpy(str,input);
                printf("%s\n",str);
        }
        You know: string longer than 100 = overflow

        Best choice:

        Code:
        #include <stdio.h>
        #include <stdlib.h>
        #include <string.h>
        
        int min(int a,int b){return (a<b)?a:b;}
        
        int main(int argc, char *argv[]){
                char *input = argv[1];
                char str[100];
        
                memcpy(str,input,min(strlen(str)+1,100);
                printf("%s\n",str);
        }

        Comment


        • #5
          Originally posted by endman View Post
          Code:
          #include <stdio.h>
          #include <stdlib.h>
          #include <string.h>
          
          int main(int argc, char *argv[]){
                  char *input = argv[1];
                  char *str;
          
                  str = malloc(strlen(input)*sizeof(char));
                  strcpy(str,input);
                  printf("%s\n",str);
          }
          When used this way, strdup() is proof that neither strcpy() nor strlcpy() are needed.

          Code:
          #include <stdio.h>
          #include <stdlib.h>
          #include <string.h>
          
          int main(int argc, char *argv[]){
                  char *input = argv[1];
                  char *str;
          
                  str = strdup(input);
          
                  printf("%s\n",str);
          }

          Comment


          • #6
            Since you can just write your stuff in inline assembly, none of these functions are needed.

            Comment


            • #7
              Proof that &lt;string.h&gt; un-needed

              Code:
              #include <stdio.h>
              #include <stdlib.h>
              
              #define MAXS 100
              
              int main(int argc, char *argv[]){
                      char *input = argv[1];
                      char* ptr;
                      char str[MAXS];
                      ptr = str;
              
                      int n=MAXS;
                      while(n--&&*input)*(ptr++)=*(input++);
                      *ptr=0;
                      printf("%s\n",str);
              }

              Comment

              Working...
              X