In article <Pine.LNX.3.96.980517144346.10501A-100000at_private>, David Zhao <dzhaoat_private> writes: > in kdebase/kscreensaver/kscreensave.cpp: > > change: > line 18: strcpy( buffer, getenv("HOME") ); > to > strncpy( buffer, getenv("HOME"), 256); > Why do people like strncpy so much ? It sucks almost as badly as strcpy. strncpy has two drawbacks: - it always fills the buffer with nulls, which is a waste of time - It does NOT null terminate a string that's too long Also, getenv returns NULL if an environment variable does not exist, and not all OS's will check NULL access, so you can pick up garbage from adres 0 in your computer. Better fixing style: char *env; int len; env = getenv("HOME"); if (env) { len = strlen(env); if (len >= BUFLEN) len = BUFLEN-1; memcpy(buffer, env, len); env[len] = 0; } else do_something_intelligent();
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:53:56 PDT