Skip to content

Potential buffer overflow/truncation / null-terminated strings #284

Open
@kamahen

Description

@kamahen

The compiler flagged a number of potential errors with the use of strncpy(), which have been fixed with #283.

However, there might be other such errors.
Also, null-terminated strings could introduce obscure bugs if any strings have embedded nulls (unlikely, but possible).
And the current code does its own buffer handling, re-allocating the buffers if needed when appending.

A better solution is to use std::string -- it handles buffer reallocation and also can handle nulls within strings.
Making this change would reduce the amount of code somewhat, which would reduce the probability of errors.

It would also probably help to change functions that pass char* parameters or return char* values (or update char** parameters). For public APIs, the existing char* ones could be preserved by adding equivalent std::string or const std::string& APIs.

If you wish some help with making these changes, please ask.

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions