On Tue, Dec 16, 2025 at 04:02:53PM +0200, Heikki Linnakangas wrote:
>> doc/src/sgml/ecpg.sgml: strncpy(name_buf, v.sqlname.data, v.sqlname.length);
>> doc/src/sgml/ecpg.sgml- name_buf[v.sqlname.length] = '\0';
>> --
>> doc/src/sgml/ecpg.sgml: strncpy(name_buf, v.sqlname.data, v.sqlname.length);
>> doc/src/sgml/ecpg.sgml- name_buf[v.sqlname.length] = '\0';
>> --
>> src/interfaces/ecpg/ecpglib/execute.c: strncpy(newcopy, (char *) var->value, slen);
>> src/interfaces/ecpg/ecpglib/execute.c- newcopy[slen] = '\0';
>> --
>> src/interfaces/ecpg/ecpglib/execute.c: strncpy(mallocedval, (char *) var->value, slen);
>> src/interfaces/ecpg/ecpglib/execute.c- mallocedval[slen] = '\0';
>> --
>> src/interfaces/ecpg/ecpglib/execute.c: strncpy(newcopy, variable->arr, variable->len);
>> src/interfaces/ecpg/ecpglib/execute.c- newcopy[variable->len] = '\0';
>
> I don't know if these depend on the zero-padding...
Good question. This code has never been changed since its
introduction in a4f25b6a9c2d...
But anyway, looking more closely I think that we should be OK with
just switching to strlcpy() as long as we do the call with a "len + 1"
and not "len" to account for the zero termination based on the
allocations done just before copying the values.
--
Michael
