Reply to post:

Did you hear the one about Cisco routers using strcpy insecurely for login authentication? Makes you go AAAAA-AAAAAAArrg *segfault*

Spamfast

Null suggested latterday C authors might want to switch to strlcpy instead, "a nonstandard function which takes a third length argument, and always null terminates".

Or better yet, the strncpy_s function that is standard in C11.

If using a pre-C11 compiler then write your own (from scratch or by encapsulating any provided non-standard one) until you can upgrade your compiler.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon