On Feb 21, 10:29*pm, Keith Thompson <ks...@mib.org> wrote:
> Not really. *My complaint is that strncpy() is in the standard library
> with the name "strncpy", and that too many programmers use it
What's worse is that often the wrong use won't be detected.
strncpy() appears to eb a safe strcpy() if the buffer length is never
exceeded. Since normally the buffer will be larger than any string you
expect, this often won't be tested. Who's going to pass a string of
more than FILE_MAX to a program?
Then even if it is tested, there's a reasonable chance that the
character immediately folowing the buffer is a byte of value zero. So
it might well appear to a casual tester that the fucntin has worked as
expected - he might not notice the extra character.