Revision as of 13:07, 26 April 2019 edit 194.39.218.10 (talk) Fixed a bug in the "secure_copy" function. strlen returns size_t and not int. ← Previous edit		Revision as of 13:03, 27 January 2020 edit undo Frap (talk \| contribs) Extended confirmed users, File movers, Pending changes reviewers, Rollbackers 35,599 edits m →Buffer-overflow prevention Next edit →
Line 21: int secure_function(char * user_input) { char dst[BUF_SIZE]; // copy a maximum of BUF_SIZE bytes strncpy(dst, user_input,BUF_SIZE); } Line 28: size_t len = strlen(src); char * dst = (char *) malloc(len + 1); if (dst != NULL) { strncpy(dst, src, len); // append null terminator dst[len] = '\0'; }

Secure coding: Difference between revisions