Re: [Gnu-arch-users] Emgergency release of tla-1.2.1pre1

[Robin Farine]

Aaron Bentley wrote:

> Matthieu Moy wrote:
>
> > The  code used  to extract  the  password from  the URL  uses a  buggy
> > implementation of strncpy that just forgets the final '\0'.
>
>
> strncpy isn't supposed to NUL-terminate the string.


I think Matthieu was referring to hackerlab's str_cpy_n() function 
which, according to the comment copied below, _has_ to null-terminate 
the target string.

    * \Warning:/ This function is different from `strncpy'.  `strncpy'
    * always stores exactly `n' characters in `to', padding the result
    * with 0 if a 0 character is encountered in `from' before `n'
    * characters are written.  This function stores up to `n+1' characters:
    * up to `n' non-0 characters from `from', plus a final 0.


Again, according to this comment, the padding is not necessary and thus 
I would propose this patch:

--- orig/char/str.c
+++ mod/char/str.c
@@ -540,9 +540,8 @@
         *to++ = *from++;
         --n;
       }
+      *to++ = 0;
    }
-  while (n--)
-    *to++ = 0;
  return answer;
}


Robin