"Secure coding" audit checkers and Kerberos
Nicolas.Williams at sun.com
Wed Oct 15 00:08:02 EDT 2008
On Wed, Oct 15, 2008 at 12:47:42PM +1100, Luke Howard wrote:
> > * Instead of strcpy or strcat, use memcpy. Remember to ensure that
> > the string is terminated if you are not copying a terminator.
> What about using strlcpy/strlcat (providing implementations for
> platforms that don't support them).
+1. I don't see the benefit of memcpy() vs. strcpy() unless you're
effectively building a set of strl*()-like utility functions.
More information about the krbdev