| From: | Stephen Frost <sfrost(at)snowman(dot)net> |
|---|---|
| To: | Tom Lane <tgl(at)sss(dot)pgh(dot)pa(dot)us> |
| Cc: | Andres Freund <andres(at)2ndquadrant(dot)com>, Tomas Vondra <tv(at)fuzzy(dot)cz>, David Rowley <dgrowleyml(at)gmail(dot)com>, Kevin Grittner <kgrittn(at)postgresql(dot)org>, PostgreSQL-development <pgsql-hackers(at)postgresql(dot)org> |
| Subject: | Re: strncpy is not a safe version of strcpy |
| Date: | 2013-11-15 15:48:09 |
| Message-ID: | 20131115154809.GD17272@tamriel.snowman.net |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
* Tom Lane (tgl(at)sss(dot)pgh(dot)pa(dot)us) wrote:
> Andres Freund <andres(at)2ndquadrant(dot)com> writes:
> > I didn't argue against s/strncpy/strlcpy/. That's clearly a sensible
> > fix.
> > I am arguing about introducing additional code and error messages about
> > it, that need to be translated. And starting doing so in isolationtester
> > of all places.
>
> I agree with Andres on this. Commit
> 7cb964acb794078ef033cbf2e3a0e7670c8992a9 is the very definition of
> overkill, and I don't want to see us starting to plaster the source
> code with things like this. Converting strncpy to strlcpy seems
> appropriate --- and sufficient.
Personally, I'd like to see better handling like this- but done in a way
which minimizes impact to code and translators. A function like
namecpy() (which I agree with Kevin about- curious that it's not used..)
which handled the check, errmsg and exit seems reasonable to me, for the
"userland" binaries (and perhaps the postmaster when doing command-line
checking of, eg, -D) that need it.
Still, I'm not offering to go do it, so take my feelings on it with that
in mind. :)
Thanks,
Stephen
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Andres Freund | 2013-11-15 15:49:50 | Re: SSL renegotiation |
| Previous Message | Tom Lane | 2013-11-15 15:43:23 | Re: SSL renegotiation |