safe strcpy()?

From: Ed Carp (ercat_private)
Date: Mon Jan 27 2003 - 22:56:13 PST

  • Next message: listsat_private: "Re: malicious code"

    I've been skimming the discussions regarding strcpy() and friends, and the 
    thought arises that none of the string copy functions can be guaranteed to 
    be particularly safe, because the copy can always overwrite the memory 
    space allocated for the output buffer.
    
    This lef me to go back to my C textbooks (which I hadn't liiked in almost 
    20 years!), and start looking for a way to figure out how to determine how 
    much space was allocated to a string.  I was rather surprised to find that 
    I couldn't find such an animal!  Am I missing something here?
    
    Consider the simple case of:
    
    my_strcpy (char *to, char *from)
    {
    while(*from)
    {
    *to = *from;
    to++;
    from++;
    }
    return (from);
    }
    
    The problem arises if the memory allocation for from exceeds that for to.  
    Sizeof doesn't work - is there any way to programatically determine the 
    memory allocation for "to"?  I'm not interested in manual manipulation of 
    code, or suggestions on changing coding style - there should be a way in 
    the language to determine the size of an object at runtime.  Any clues 
    here?
    
    Thanks, guys!
    



    This archive was generated by hypermail 2b30 : Mon Jan 27 2003 - 23:40:51 PST