"Secure coding" audit checkers and Kerberos

[Nicolas Williams]

On Wed, Oct 15, 2008 at 12:47:42PM +1100, Luke Howard wrote:
> > * Instead of strcpy or strcat, use memcpy.  Remember to ensure that
> >  the string is terminated if you are not copying a terminator.
> 
> What about using strlcpy/strlcat (providing implementations for  
> platforms that don't support them).

+1.  I don't see the benefit of memcpy() vs. strcpy() unless you're
effectively building a set of strl*()-like utility functions.