"Secure coding" audit checkers and Kerberos

Nicolas Williams Nicolas.Williams at sun.com
Wed Oct 15 00:08:02 EDT 2008

On Wed, Oct 15, 2008 at 12:47:42PM +1100, Luke Howard wrote:
> > * Instead of strcpy or strcat, use memcpy.  Remember to ensure that
> >  the string is terminated if you are not copying a terminator.
> What about using strlcpy/strlcat (providing implementations for  
> platforms that don't support them).

+1.  I don't see the benefit of memcpy() vs. strcpy() unless you're
effectively building a set of strl*()-like utility functions.

More information about the krbdev mailing list