Why is strncpy insecure?

c++ c string strncpy
stimms picture stimms · May 15, 2009 · Viewed 53.4k times · Source

I am looking to find out why strncpy is considered insecure. Does anybody have any sort of documentation on this or examples of an exploit using it?

Answer

Tim picture Tim · May 15, 2009

Take a look at this site; it's a fairly detailed explanation. Basically, strncpy() doesn't require NUL termination, and is therefore susceptible to a variety of exploits.

Related questions

How do you reverse a string in place in C or C++?

How do you reverse a string in C or C++ without requiring a separate buffer to hold the reversed string?

Read More
What does the symbol \0 mean in a string-literal?

Consider following code: char str[] = "Hello\0"; What is the length of str array, and with how much 0s it is ending?

Read More
How do I print the full value of a long string in gdb?

I want to print the full length of a C-string in GDB. By default it's being abbreviated, how do I force GDB to print the whole string?

Read More