Rod.. Whitworth wrote:
/* Made up example of course */
- if (!strcmp(buf,"n/a"))
+ if (!strncmp(buf,"n/a",3))
you would have seen several instances of str*** func calls being
replaced by strn*** func when the str ones were unsafe. Seeing that it
The one has little to do with the other. What if buf, in the made-up
example, contains "n/abc"? strcmp() says it's not the same, while the
strncmp() line above does. Either function requires a valid,
NUL-terminated C string, and both need to be smart enough to not read
past that NUL (and they are.)
I highly doubt that a str?cmp() "fix" ever went in like that, unless the
different behavior was desired. It would be nice if Patrick could
mention what he specifically means, because such a patch would most
likely be wrong if it went in as an errenous "safe string function"
replacement attempt.
Moritz
