Home > mailing lists

Re: strncpy is not a safe version of strcpy - Mailing list pgsql-hackers

From	Alvaro Herrera
Subject	Re: strncpy is not a safe version of strcpy
Date	November 15, 2013 18:09:49
Msg-id	20131115150927.GA6220@eldon.alvh.no-ip.org Whole thread Raw
In response to	Re: strncpy is not a safe version of strcpy (David Rowley <dgrowleyml@gmail.com>)
Responses	Re: strncpy is not a safe version of strcpy (Kevin Grittner <kgrittn@ymail.com>) Re: strncpy is not a safe version of strcpy (David Rowley <dgrowleyml@gmail.com>)
List	pgsql-hackers

Tree view

David Rowley escribió:
> On Fri, Nov 15, 2013 at 12:33 PM, Tomas Vondra <tv@fuzzy.cz> wrote:

> > Be careful with 'Name' data type - it's not just a simple string buffer.
> > AFAIK it needs to work with hashing etc. so the zeroing is actually needed
> > here to make sure two values produce the same result. At least that's how
> > I understand the code after a quick check - for example this is from the
> > same jsonfuncs.c you mentioned:
> >
> >     memset(fname, 0, NAMEDATALEN);
> >     strncpy(fname, NameStr(tupdesc->attrs[i]->attname), NAMEDATALEN);
> >     hashentry = hash_search(json_hash, fname, HASH_FIND, NULL);
> >
> > So the zeroing is on purpose, although if strncpy does that then the
> > memset is probably superflous.

This code should probably be using namecpy().  Note namecpy() doesn't
memset() after strncpy() and has survived the test of time, which
strongly suggests that the memset is indeed superfluous.

-- 
Álvaro Herrera                http://www.2ndQuadrant.com/
PostgreSQL Development, 24x7 Support, Training & Services

pgsql-hackers by date:

From: Michael Paquier
Date: 15 November 2013, 18:05:14
Subject: Re: Turning recovery.conf into GUCs

From: Tom Lane
Date: 15 November 2013, 18:14:56
Subject: Re: Database disconnection and switch inside a single bgworker

Re: strncpy is not a safe version of strcpy - Mailing list pgsql-hackers

Previous

Next