[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openbsd-tech
Subject:    ssh: xstrdup(): use memcpy(3)
From:       Scott Cheloha <scottcheloha () gmail ! com>
Date:       2022-03-10 1:20:08
Message-ID: 20220310012008.vgprdgrnvgu6o7mr () jetsam ! attlocal ! net
[Download RAW message or body]

The strdup(3) implementation in libc uses memcpy(3), not strlcpy(3).

There is no upside to using strlcpy(3) here if we know the length of
str before we copy it to the destination buffer.

... unless we're worried the length of str will change?  Which would
be very paranoid.  But if that's the case we should be checking that
the return value of strlcpy(3) equals len and calling fatal() if it
isn't.

ok?

Index: xmalloc.c
===================================================================
RCS file: /cvs/src/usr.bin/ssh/xmalloc.c,v
retrieving revision 1.36
diff -u -p -r1.36 xmalloc.c
--- xmalloc.c	12 Nov 2019 22:32:48 -0000	1.36
+++ xmalloc.c	10 Mar 2022 01:06:54 -0000
@@ -85,8 +85,7 @@ xstrdup(const char *str)
 
 	len = strlen(str) + 1;
 	cp = xmalloc(len);
-	strlcpy(cp, str, len);
-	return cp;
+	return memcpy(cp, str, len);
 }
 
 int

[prev in list] [next in list] [prev in thread] [next in thread]