Relay-Version: version B 2.10 5/3/83; site utzoo.UUCP
Posting-Version: version B 2.10.2 9/18/84; site cadre.ARPA
Path: utzoo!watmath!clyde!burl!ulysses!allegra!mit-eddie!genrad!decvax!mcnc!idis!cadre!km
From: km@cadre.UUCP
Newsgroups: net.lang.c
Subject: Re: Copy strings with "strcpy", not an idiom
Message-ID: <402@cadre.ARPA>
Date: Tue, 19-Mar-85 14:05:38 EST
Article-I.D.: cadre.402
Posted: Tue Mar 19 14:05:38 1985
Date-Received: Fri, 22-Mar-85 01:30:13 EST
References: <7042@watdaisy.UUCP> <7044@watdaisy.UUCP> <1040@mordor.UUCP> <741@sdcsvax.UUCP>
Reply-To: km@cadre.ARPA (Ken Mitchum)
Distribution: net
Organization: Decision Systems Lab., University of Pittsburgh
Lines: 17
Summary: 


>Unfortunately, the string copy routines in the standard library are
>neither safe nor convenient.  strcpy is only usable if you KNOW that
>overrunning is impossible.  strncpy is totally unusable because if
>overrunning occurs, it may not nul terminate the destination, and
>no indication is returned to allow detection of this event.

YES YES YES! What is worse is that overrunning may not cause a noticeable
effect on a given machine, and the problem is not realized until the
code is ported to a second machine. When we ported the Jove sources
from vax/unix to ibm-pc/ms-dos this exact problem occurred: an incorrect use
of strncpy() resulted in an overrun with no terminal '/0': this had no
noticeable effect on the vax, but repeatedly crashed the program on the pc.
The effects of the overrun were of course on data that was referenced
far away from the actual error in the code - making debugging exceedingly
difficult.