------- client.c ------- --- /tmp/sccs.S8aiFC Thu Jul 27 16:25:35 2006 +++ ./client/client.c Thu Jul 27 15:23:14 2006 @@ -3083,14 +3083,12 @@ int i; if ((p = strchr_m(cmd, ';')) == 0) { - strncpy(line, cmd, 999); - line[1000] = '\0'; + strlcpy(line, cmd, 1000); cmd += strlen(cmd); } else { if (p - cmd > 999) p = cmd + 999; - strncpy(line, cmd, p - cmd); - line[p - cmd] = '\0'; + strlcpy(line, cmd, p - cmd); cmd = p + 1; } @@ -3185,8 +3183,7 @@ info.samelen = info.len = len-i-1; if (i > 0) { - strncpy(info.dirmask, text, i+1); - info.dirmask[i+1] = 0; + strlcpy(info.dirmask, text, i+1); pstr_sprintf(dirmask, "%s%*s*", cur_dir, i-1, text); } else { pstr_sprintf(dirmask, "%s*", cur_dir); @@ -3201,8 +3198,7 @@ info.matches[0] = SMB_MALLOC(info.samelen+1); if (!info.matches[0]) goto cleanup; - strncpy(info.matches[0], info.matches[1], info.samelen); - info.matches[0][info.samelen] = 0; + strlcpy(info.matches[0], info.matches[1], info.samelen); } info.matches[info.count] = NULL; return info.matches; @@ -3285,8 +3281,7 @@ matches[0] = SMB_MALLOC(samelen+1); if (!matches[0]) goto cleanup; - strncpy(matches[0], matches[1], samelen); - matches[0][samelen] = 0; + strlcpy(matches[0], matches[1], samelen); } matches[count] = NULL; return matches; ------- clitar.c ------- --- /tmp/sccs.L_aOFC Thu Jul 27 16:25:35 2006 +++ ./client/clitar.c Thu Jul 27 15:23:12 2006 @@ -1085,7 +1085,7 @@ /* First, add cur_dir to the long file name */ if (strlen(cur_dir) > 0) { - strncpy(longname, cur_dir, namesize); + strlcpy(longname, cur_dir, namesize); offset = strlen(cur_dir); } ------- mount.cifs.c ------- --- /tmp/sccs.SdaaGC Thu Jul 27 16:25:35 2006 +++ ./client/mount.cifs.c Thu Jul 27 15:25:59 2006 @@ -176,10 +176,10 @@ exit(1); } else { got_user = 1; - user_name = calloc(1 + length,1); + user_name = calloc(length,1); /* BB adding free of user_name string before exit, not really necessary but would be cleaner */ - strncpy(user_name,temp_val, length); + strlcpy(user_name,temp_val, length); } } } else if (strncasecmp("password",line_buf+i,8) == 0) { @@ -204,7 +204,7 @@ } else memset(mountpassword,0,64); if(mountpassword) { - strncpy(mountpassword,temp_val,length); + strlcpy(mountpassword,temp_val,length); got_password = 1; } } @@ -232,7 +232,7 @@ } else memset(domain_name,0,64); if(domain_name) { - strncpy(domain_name,temp_val,length); + strlcpy(domain_name,temp_val,length); got_domain = 1; } } @@ -380,7 +380,7 @@ printf("\nmount.cifs warning - password specified twice\n"); got_password = 1; percent_char++; - strncpy(mountpassword, percent_char,64); + strlcpy(mountpassword, percent_char,64); /* remove password from username */ while(*percent_char != 0) { *percent_char = ','; @@ -778,7 +778,7 @@ } *share = '/'; - strncpy((*punc_name)+2,unc_name,length); + strlcpy((*punc_name)+2,unc_name,length); unc_name = *punc_name; unc_name[length+2] = 0; goto continue_unc_parsing; @@ -1033,7 +1033,7 @@ mountpassword = calloc(65,1); if(mountpassword) { got_password = 1; - strncpy(mountpassword,optarg,64); + strlcpy(mountpassword,optarg,65); } break; case 'S': @@ -1057,7 +1057,7 @@ if(mountpassword == NULL) mountpassword = calloc(65,1); if(mountpassword) { - strncpy(mountpassword,getenv("PASSWD"),64); + strlcpy(mountpassword,getenv("PASSWD"),65); got_password = 1; } } else if (getenv("PASSWD_FD")) { ------- smbctool.c ------- --- /tmp/sccs.wgayGC Thu Jul 27 16:25:35 2006 +++ ./client/smbctool.c Thu Jul 27 15:36:01 2006 @@ -120,24 +120,24 @@ if (authSet) { - strncpy(pWorkgroup, authWorkgroup, maxLenWorkgroup - 1); - strncpy(pUsername, authUsername, maxLenUsername - 1); - strncpy(pPassword, authPassword, maxLenPassword - 1); + strlcpy(pWorkgroup, authWorkgroup, maxLenWorkgroup); + strlcpy(pUsername, authUsername, maxLenUsername); + strlcpy(pPassword, authPassword, maxLenPassword); } else { d_printf("Workgroup: %s\n", workgroup); - strncpy(pWorkgroup, workgroup, maxLenWorkgroup - 1); - strncpy(authWorkgroup, workgroup, maxLenWorkgroup - 1); + strlcpy(pWorkgroup, workgroup, maxLenWorkgroup); + strlcpy(authWorkgroup, workgroup, maxLenWorkgroup); d_printf("Username: %s\n", username); - strncpy(pUsername, username, maxLenUsername - 1); - strncpy(authUsername, username, maxLenUsername - 1); + strlcpy(pUsername, username, maxLenUsername); + strlcpy(authUsername, username, maxLenUsername); if (cmdline_auth_info.got_pass) { - strncpy(pPassword, cmdline_auth_info.password, maxLenPassword - 1); - strncpy(authPassword, cmdline_auth_info.password, maxLenPassword - 1); + strlcpy(pPassword, cmdline_auth_info.password, maxLenPassword); + strlcpy(authPassword, cmdline_auth_info.password, maxLenPassword); } else { @@ -150,8 +150,8 @@ } if (temp[0] != '\0') { - strncpy(pPassword, temp, maxLenPassword - 1); - strncpy(authPassword, pPassword, maxLenPassword - 1); + strlcpy(pPassword, temp, maxLenPassword); + strlcpy(authPassword, pPassword, maxLenPassword); } } pstrcpy(cmdline_auth_info.username, authUsername); @@ -3059,14 +3059,12 @@ int i; if ((p = strchr_m(cmd, ';')) == 0) { - strncpy(line, cmd, 999); - line[1000] = '\0'; + strlcpy(line, cmd, 1000); cmd += strlen(cmd); } else { if (p - cmd > 999) p = cmd + 999; - strncpy(line, cmd, p - cmd); - line[p - cmd] = '\0'; + strlcpy(line, cmd, p - cmd); cmd = p + 1; } @@ -3155,8 +3153,7 @@ info.samelen = info.len = len-i-1; if (i > 0) { - strncpy(info.dirmask, text, i+1); - info.dirmask[i+1] = 0; + strlcpy(info.dirmask, text, i); pstr_sprintf(dirmask, "%s%*s*", cur_dir, i-1, text); } else pstr_sprintf(dirmask, "%s*", cur_dir); @@ -3170,8 +3167,7 @@ info.matches[0] = SMB_MALLOC(info.samelen+1); if (!info.matches[0]) goto cleanup; - strncpy(info.matches[0], info.matches[1], info.samelen); - info.matches[0][info.samelen] = 0; + strlcpy(info.matches[0], info.matches[1], info.samelen); } info.matches[info.count] = NULL; return info.matches; @@ -3254,8 +3250,7 @@ matches[0] = SMB_MALLOC(samelen+1); if (!matches[0]) goto cleanup; - strncpy(matches[0], matches[1], samelen); - matches[0][samelen] = 0; + strlcpy(matches[0], matches[1], samelen); } matches[count] = NULL; return matches; ------- smbmount.c ------- --- /tmp/sccs.ykaWGC Thu Jul 27 16:25:36 2006 +++ ./client/smbmount.c Thu Jul 27 15:36:00 2006 @@ -838,7 +838,7 @@ } else if(!strcmp(opts, "lfs")) { smbfs_has_lfs = True; } else { - strncpy(p, opts, sizeof(pstring) - (p - options) - 1); + strlcpy(p, opts, sizeof(pstring) - (p - options)); p += strlen(opts); *p++ = ','; *p = 0; ------- smbspool.c ------- --- /tmp/sccs.flaiHC Thu Jul 27 16:25:36 2006 +++ ./client/smbspool.c Thu Jul 27 15:36:00 2006 @@ -135,9 +135,9 @@ dev_uri = getenv("DEVICE_URI"); if (dev_uri) - strncpy(uri, dev_uri, sizeof(uri) - 1); + strlcpy(uri, dev_uri, sizeof(uri)); else if (strncmp(argv[0], "smb://", 6) == 0) - strncpy(uri, argv[0], sizeof(uri) - 1); + strncpy(uri, argv[0], sizeof(uri)); else { fputs("ERROR: No device URI found in DEVICE_URI environment variable or argv[0] !\n", stderr); ------- smbumount.c ------- --- /tmp/sccs.ynaGHC Thu Jul 27 16:25:36 2006 +++ ./client/smbumount.c Thu Jul 27 15:35:59 2006 @@ -96,7 +96,7 @@ if (realpath (path, canonical)) return canonical; - strncpy (canonical, path, PATH_MAX); + strlcpy(canonical, path, PATH_MAX); canonical[PATH_MAX] = '\0'; return canonical; } ------- tree.c ------- --- /tmp/sccs.sqa4HC Thu Jul 27 16:25:36 2006 +++ ./client/tree.c Thu Jul 27 15:35:58 2006 @@ -134,7 +134,7 @@ if (p) { p->type = type; - strncpy(p->name, name, sizeof(p->name)); + strlcpy(p->name, name, sizeof(p->name)); } @@ -162,7 +162,7 @@ /* Now, get the private data for the subtree */ - strncpy(path, get_path(child), 1024); + strlcpy(path, get_path(child), 1024); if ((dh = smbc_opendir(path)) < 0) { /* Handle error */ @@ -199,7 +199,7 @@ /* Format each of the items ... */ - strncpy(col1, dirp->name, 128); + strlcpy(col1, dirp->name, 128); col2[0] = col3[0] = col4[0] = (char)0; @@ -211,19 +211,19 @@ case SMBC_SERVER: - strncpy(col2, (dirp->comment?dirp->comment:""), 128); + strlcpy(col2, (dirp->comment?dirp->comment:""), 128); break; case SMBC_FILE_SHARE: - strncpy(col2, (dirp->comment?dirp->comment:""), 128); + strlcpy(col2, (dirp->comment?dirp->comment:""), 128); break; case SMBC_PRINTER_SHARE: - strncpy(col2, (dirp->comment?dirp->comment:""), 128); + strlcpy(col2, (dirp->comment?dirp->comment:""), 128); break; case SMBC_COMMS_SHARE: @@ -242,8 +242,8 @@ if ((strcmp(dirp->name, ".") != 0) && (strcmp(dirp->name, "..") != 0)) { - strncpy(path1, path, sizeof(path1)); - strncat(path1, "/", sizeof(path) - strlen(path)); + strlcpy(path1, path, sizeof(path1)); + strcat(path1, "/", sizeof(path) - strlen(path)); strncat(path1, dirp->name, sizeof(path) - strlen(path)); if (smbc_stat(path1, &st1) < 0) { @@ -260,7 +260,7 @@ } else { - strncpy(col2, "Device or resource busy", sizeof(col2)); + strlcpy(col2, "Device or resource busy", sizeof(col2)); } } @@ -597,8 +597,8 @@ char *password, int pwmaxlen) { - strncpy(username, "test", unmaxlen); - strncpy(password, "test", pwmaxlen); + strlcpy(username, "test", unmaxlen); + strlcpy(password, "test", pwmaxlen); } ------- dictionary.c ------- No differences encountered ------- iniparser.c ------- No differences encountered ------- debug.c ------- --- /tmp/sccs.ByaaJC Thu Jul 27 16:25:37 2006 +++ ./lib/debug.c Thu Jul 27 15:35:57 2006 @@ -243,7 +243,7 @@ } for (i = 0; i < debug_num_classes; i++) { int l = strlen(list[i]); - strncpy(b, list[i], l); + strlcpy(b, list[i], l); b = b + l; } b[-1] = '\n'; /* replace last space with newline */ ------- interfaces.c ------- --- /tmp/sccs.CAayJC Thu Jul 27 16:25:37 2006 +++ ./lib/interfaces.c Thu Jul 27 15:35:56 2006 @@ -142,8 +142,7 @@ nmask = ((struct sockaddr_in *)&ifr[i].ifr_addr)->sin_addr; - strncpy(ifaces[total].name, iname, sizeof(ifaces[total].name)-1); - ifaces[total].name[sizeof(ifaces[total].name)-1] = 0; + strlcpy(ifaces[total].name, iname, sizeof(ifaces[total].name)); ifaces[total].ip = ipaddr; ifaces[total].netmask = nmask; total++; ------- ldap_escape.c ------- --- /tmp/sccs.uEaWJC Thu Jul 27 16:25:37 2006 +++ ./lib/ldap_escape.c Thu Jul 27 15:35:55 2006 @@ -74,7 +74,7 @@ } p = &output[i]; - strncpy (p, sub, 3); + strlcpy (p, sub, 3); p += 3; i += 3; ------- substitute.c ------- --- /tmp/sccs.qHaiKC Thu Jul 27 16:25:37 2006 +++ ./lib/substitute.c Thu Jul 27 15:53:30 2006 @@ -212,8 +212,7 @@ return NULL; } - strncpy(envname,r,copylen); - envname[copylen] = '\0'; + strlcpy(envname,r,copylen); if ((envval = getenv(envname)) == NULL) { DEBUG(0,("expand_env_var: Environment variable [%s] not set\n", envname)); @@ -227,8 +226,7 @@ */ copylen = q + 1 - p; - strncpy(envname,p,copylen); - envname[copylen] = '\0'; + strlcpy(envname,p,copylen); r = realloc_string_sub(str, envname, envval); SAFE_FREE(envname); @@ -312,9 +310,9 @@ r = p+2; copylen = MIN( (q-r), (sizeof(varname)-1) ); - strncpy(varname, r, copylen); - varname[copylen] = '\0'; + strlcpy(varname, r, copylen); + if ((value = get_longvar_val(varname)) == NULL) { DEBUG(0,("realloc_expand_longvar: Variable [%s] not set. Skipping\n", varname)); return str; @@ -323,8 +321,7 @@ /* Copy the full %(NAME) into envname so it can be replaced.*/ copylen = MIN( (q+1-p),(sizeof(varname)-1) ); - strncpy( varname, p, copylen ); - varname[copylen] = '\0'; + strlcpy( varname, p, copylen ); r = realloc_string_sub(str, varname, value); SAFE_FREE( value ); @@ -421,7 +418,7 @@ char *s; if ( (s = alloc_sub_basic( smb_name, domain_name, str )) != NULL ) { - strncpy( str, s, len ); + strlcpy( str, s, len ); } SAFE_FREE( s ); @@ -765,7 +762,7 @@ gid, smb_name, domain_name, str); if ( s ) { - strncpy( str, s, len ); + strlcpy( str, s, len ); SAFE_FREE( s ); } } ------- kerberos.c ------- --- /tmp/sccs.qKaGKC Thu Jul 27 16:25:37 2006 +++ ./libads/kerberos.c Thu Jul 27 15:53:29 2006 @@ -45,7 +45,7 @@ memset(prompts[0].reply->data, '\0', prompts[0].reply->length); if (prompts[0].reply->length > 0) { if (data) { - strncpy(prompts[0].reply->data, data, prompts[0].reply->length-1); + strlcpy(prompts[0].reply->data, data, prompts[0].reply->length); prompts[0].reply->length = strlen(prompts[0].reply->data); } else { prompts[0].reply->length = 0; ------- krb5_setpw.c ------- --- /tmp/sccs.7La4KC Thu Jul 27 16:25:37 2006 +++ ./libads/krb5_setpw.c Thu Jul 27 15:53:29 2006 @@ -667,7 +667,7 @@ memset(prompts[0].reply->data, 0, prompts[0].reply->length); if (prompts[0].reply->length > 0) { if (data) { - strncpy(prompts[0].reply->data, data, prompts[0].reply->length-1); + strlcpy(prompts[0].reply->data, data, prompts[0].reply->length); prompts[0].reply->length = strlen(prompts[0].reply->data); } else { prompts[0].reply->length = 0; ------- libmsrpc.c ------- --- /tmp/sccs.tQaqLC Thu Jul 27 16:25:38 2006 +++ ./libmsrpc/libmsrpc.c Thu Jul 27 15:53:28 2006 @@ -111,7 +111,7 @@ hnd->netbios_name = SMB_STRDUP(hnd->_internal.ctx->netbios_name); } else if(hnd->netbios_name[0] == '\0') { - strncpy(hnd->netbios_name, hnd->_internal.ctx->netbios_name, sizeof(fstring)); + strlcpy(hnd->netbios_name, hnd->_internal.ctx->netbios_name, sizeof(fstring)); } if(!hnd->username) { @@ -118,7 +118,7 @@ hnd->username = SMB_STRDUP(hnd->_internal.ctx->user); } else if(hnd->username[0] == '\0') { - strncpy(hnd->username, hnd->_internal.ctx->user, sizeof(fstring)); + strlcpy(hnd->username, hnd->_internal.ctx->user, sizeof(fstring)); } if(!hnd->domain) { @@ -125,7 +125,7 @@ hnd->domain = SMB_STRDUP(hnd->_internal.ctx->workgroup); } else if(hnd->domain[0] == '\0') { - strncpy(hnd->domain, hnd->_internal.ctx->workgroup, sizeof(fstring)); + strlcpy(hnd->domain, hnd->_internal.ctx->workgroup, sizeof(fstring)); } return CAC_SUCCESS; @@ -284,9 +284,9 @@ if (authSet) { - strncpy(pWorkgroup, authWorkgroup, maxLenWorkgroup - 1); - strncpy(pUsername, authUsername, maxLenUsername - 1); - strncpy(pPassword, authPassword, maxLenPassword - 1); + strlcpy(pWorkgroup, authWorkgroup, maxLenWorkgroup); + strlcpy(pUsername, authUsername, maxLenUsername); + strlcpy(pPassword, authPassword, maxLenPassword); } else { @@ -301,8 +301,8 @@ if (temp[0] != '\0') { - strncpy(pWorkgroup, temp, maxLenWorkgroup - 1); - strncpy(authWorkgroup, temp, maxLenWorkgroup - 1); + strlcpy(pWorkgroup, temp, maxLenWorkgroup); + strlcpy(authWorkgroup, temp, maxLenWorkgroup); } d_printf("Username: [%s] ", pUsername); @@ -315,8 +315,8 @@ if (temp[0] != '\0') { - strncpy(pUsername, temp, maxLenUsername - 1); - strncpy(authUsername, pUsername, maxLenUsername - 1); + strlcpy(pUsername, temp, maxLenUsername); + strlcpy(authUsername, pUsername, maxLenUsername); } pass = getpass("Password: "); @@ -328,8 +328,8 @@ } if (temp[0] != '\0') { - strncpy(pPassword, temp, maxLenPassword - 1); - strncpy(authPassword, pPassword, maxLenPassword - 1); + strlcpy(pPassword, temp, maxLenPassword); + strlcpy(authPassword, pPassword, maxLenPassword); } authSet = 1; } ------- clidgram.c ------- --- /tmp/sccs.pTaOLC Thu Jul 27 16:25:38 2006 +++ ./libsmb/clidgram.c Thu Jul 27 15:53:27 2006 @@ -188,7 +188,7 @@ } - strncpy(servername, cli_backup_list, MIN(16, namesize)); + strlcpy(servername, cli_backup_list, MIN(16, namesize)); return True; ------- clilist.c ------- --- /tmp/sccs.CWaaMC Thu Jul 27 16:25:38 2006 +++ ./libsmb/clilist.c Thu Jul 27 15:53:27 2006 @@ -392,8 +392,7 @@ finfo->size = IVAL(p,26); clistr_pull(cli, finfo->name, p+30, sizeof(finfo->name), 12, STR_ASCII); if (strcmp(finfo->name, "..") && strcmp(finfo->name, ".")) { - strncpy(finfo->short_name,finfo->name, sizeof(finfo->short_name)-1); - finfo->short_name[sizeof(finfo->short_name)-1] = '\0'; + strlcpy(finfo->short_name,finfo->name, sizeof(finfo->short_name)); } return(DIR_STRUCT_SIZE); ------- libsmbclient.c ------- --- /tmp/sccs.AZayMC Thu Jul 27 16:25:38 2006 +++ ./libsmb/libsmbclient.c Thu Jul 27 16:10:56 2006 @@ -181,8 +181,7 @@ *p = '\0'; - strncpy(dest, temp, max_dest_len - 1); - dest[max_dest_len - 1] = '\0'; + strlcpy(dest, temp, max_dest_len); return err_count; } @@ -290,8 +289,7 @@ * to the workgroup in the provided context. */ if (workgroup != NULL) { - strncpy(workgroup, context->workgroup, workgroup_len - 1); - workgroup[workgroup_len - 1] = '\0'; + strlcpy(workgroup, context->workgroup, workgroup_len); } if (options != NULL && options_len > 0) { @@ -336,11 +334,10 @@ if (*p == '/') { - strncpy(server, context->workgroup, + strlcpy(server, context->workgroup, ((strlen(context->workgroup) < 16) ? strlen(context->workgroup) : 16)); - server[server_len - 1] = '\0'; return 0; } @@ -383,18 +380,15 @@ } if (domain[0] && workgroup) { - strncpy(workgroup, domain, workgroup_len - 1); - workgroup[workgroup_len - 1] = '\0'; + strlcpy(workgroup, domain, workgroup_len); } if (username[0]) { - strncpy(user, username, user_len - 1); - user[user_len - 1] = '\0'; + strlcpy(user, username, user_len); } if (passwd[0]) { - strncpy(password, passwd, password_len - 1); - password[password_len - 1] = '\0'; + strlcpy(password, passwd, password_len); } } @@ -2300,9 +2294,9 @@ * Ditto for dirent->commentlen. * The space for the two null bytes was allocated. */ - strncpy(dirent->name, (name?name:""), dirent->namelen + 1); + strlcpy(dirent->name, (name?name:""), dirent->namelen); dirent->comment = (char *)(&dirent->name + dirent->namelen + 1); - strncpy(dirent->comment, (comment?comment:""), dirent->commentlen + 1); + strlcpy(dirent->comment, (comment?comment:""), dirent->commentlen); return 0; @@ -2974,7 +2968,7 @@ dest->comment = dest->name + dest->namelen + 1; /* Copy the comment */ - strncpy(dest->comment, src->comment, max_namebuf_len - 1); + strlcpy(dest->comment, src->comment, max_namebuf_len); dest->comment[max_namebuf_len - 1] = '\0'; /* Save other fields */ @@ -3617,14 +3611,12 @@ char atimebuf[32]; char mtimebuf[32]; - strncpy(atimebuf, ctime(&a_time), sizeof(atimebuf) - 1); - atimebuf[sizeof(atimebuf) - 1] = '\0'; + strlcpy(atimebuf, ctime(&a_time), sizeof(atimebuf)); if ((p = strchr(atimebuf, '\n')) != NULL) { *p = '\0'; } - strncpy(mtimebuf, ctime(&m_time), sizeof(mtimebuf) - 1); - mtimebuf[sizeof(mtimebuf) - 1] = '\0'; + strlcpy(mtimebuf, ctime(&m_time), sizeof(mtimebuf)); if ((p = strchr(mtimebuf, '\n')) != NULL) { *p = '\0'; } @@ -3631,6 +3623,7 @@ dbgtext("smbc_utimes(%s, atime = %s mtime = %s)\n", fname, atimebuf, mtimebuf); + } if (smbc_parse_path(context, fname, @@ -4207,11 +4200,8 @@ struct cli_state *cli = srv->cli; /* Copy name so we can strip off exclusions (if any are specified) */ - strncpy(name_sandbox, attr_name, sizeof(name_sandbox) - 1); + strlcpy(name_sandbox, attr_name, sizeof(name_sandbox)); - /* Ensure name is null terminated */ - name_sandbox[sizeof(name_sandbox) - 1] = '\0'; - /* Play in the sandbox */ name = name_sandbox; ------- vfs_afsacl.c ------- --- /tmp/sccs.u4aWMC Thu Jul 27 16:25:39 2006 +++ ./modules/vfs_afsacl.c Thu Jul 27 15:53:25 2006 @@ -236,7 +236,7 @@ char str[MAXSIZE+1]; char *p = str; - strncpy(str, acl_str, MAXSIZE); + strlcpy(str, acl_str, MAXSIZE); if (sscanf(p, "%d", &nplus) != 1) return False; ------- vfs_prealloc.c ------- --- /tmp/sccs.V7aiNC Thu Jul 27 16:25:39 2006 +++ ./modules/vfs_prealloc.c Thu Jul 27 15:53:25 2006 @@ -123,7 +123,7 @@ dot = strrchr(fname, '.'); if (dot && *++dot) { if (strlen(dot) < sizeof(fext)) { - strncpy(fext, dot, sizeof(fext)); + strlcpy(fext, dot, sizeof(fext)); strnorm(fext, CASE_LOWER); } } ------- pam_winbind.c ------- --- /tmp/sccs.D.aGNC Thu Jul 27 16:25:39 2006 +++ ./nsswitch/pam_winbind.c Thu Jul 27 15:53:24 2006 @@ -354,11 +354,11 @@ *pwd_last_set = 0; } - strncpy(request.data.auth.user, user, - sizeof(request.data.auth.user)-1); + strlcpy(request.data.auth.user, user, + sizeof(request.data.auth.user)); - strncpy(request.data.auth.pass, pass, - sizeof(request.data.auth.pass)-1); + strlcpy(request.data.auth.pass, pass, + sizeof(request.data.auth.pass)); request.data.auth.krb5_cc_type[0] = '\0'; request.data.auth.uid = -1; @@ -386,8 +386,8 @@ } if (cctype != NULL) { - strncpy(request.data.auth.krb5_cc_type, cctype, - sizeof(request.data.auth.krb5_cc_type) - 1); + strlcpy(request.data.auth.krb5_cc_type, cctype, + sizeof(request.data.auth.krb5_cc_type)); _pam_log_debug(ctrl, LOG_DEBUG, "enabling request for a %s krb5 ccache\n", cctype); } @@ -394,8 +394,8 @@ request.data.auth.require_membership_of_sid[0] = '\0'; if (member != NULL) { - strncpy(request.data.auth.require_membership_of_sid, member, - sizeof(request.data.auth.require_membership_of_sid)-1); + strlcpy(request.data.auth.require_membership_of_sid, member, + sizeof(request.data.auth.require_membership_of_sid)); } /* lookup name? */ @@ -410,8 +410,8 @@ _pam_log_debug(ctrl, LOG_DEBUG, "no sid given, looking up: %s\n", member); /* fortunatly winbindd can handle non-separated names */ - strncpy(sid_request.data.name.name, member, - sizeof(sid_request.data.name.name) - 1); + strlcpy(sid_request.data.name.name, member, + sizeof(sid_request.data.name.name)); if (pam_winbind_request_log(pamh, ctrl, WINBINDD_LOOKUPNAME, &sid_request, &sid_response, user)) { _pam_log(LOG_INFO, "could not lookup name: %s\n", member); @@ -420,8 +420,8 @@ member = sid_response.data.sid.sid; - strncpy(request.data.auth.require_membership_of_sid, member, - sizeof(request.data.auth.require_membership_of_sid)-1); + strlcpy(request.data.auth.require_membership_of_sid, member, + sizeof(request.data.auth.require_membership_of_sid)); } ret = pam_winbind_request_log(pamh, ctrl, WINBINDD_PAM_AUTH, &request, &response, user); @@ -529,19 +529,19 @@ if (request.data.chauthtok.user == NULL) return -2; - strncpy(request.data.chauthtok.user, user, - sizeof(request.data.chauthtok.user) - 1); + strlcpy(request.data.chauthtok.user, user, + sizeof(request.data.chauthtok.user)); if (oldpass != NULL) { - strncpy(request.data.chauthtok.oldpass, oldpass, - sizeof(request.data.chauthtok.oldpass) - 1); + strlcpy(request.data.chauthtok.oldpass, oldpass, + sizeof(request.data.chauthtok.oldpass)); } else { request.data.chauthtok.oldpass[0] = '\0'; } if (newpass != NULL) { - strncpy(request.data.chauthtok.newpass, newpass, - sizeof(request.data.chauthtok.newpass) - 1); + strlcpy(request.data.chauthtok.newpass, newpass, + sizeof(request.data.chauthtok.newpass)); } else { request.data.chauthtok.newpass[0] = '\0'; } @@ -640,8 +640,8 @@ return 1; } - strncpy(request.data.username, user, - sizeof(request.data.username) - 1); + strlcpy(request.data.username, user, + sizeof(request.data.username)); ret = pam_winbind_request_log(pamh, ctrl, WINBINDD_GETPWNAM, &request, &response, user); @@ -1120,11 +1120,11 @@ goto out; } - strncpy(request.data.logoff.user, user, - sizeof(request.data.logoff.user) - 1); + strlcpy(request.data.logoff.user, user, + sizeof(request.data.logoff.user)); - strncpy(request.data.logoff.krb5ccname, ccname, - sizeof(request.data.logoff.krb5ccname) - 1); + strlcpy(request.data.logoff.krb5ccname, ccname, + sizeof(request.data.logoff.krb5ccname)); pwd = getpwnam(user); if (pwd == NULL) { ------- wb_common.c ------- --- /tmp/sccs._ba4NC Thu Jul 27 16:25:39 2006 +++ ./nsswitch/wb_common.c Thu Jul 27 15:53:23 2006 @@ -189,8 +189,7 @@ /* Connect to socket */ - strncpy(path, dir, sizeof(path) - 1); - path[sizeof(path) - 1] = '\0'; + strlcpy(path, dir, sizeof(path) - 1); strncat(path, "/", sizeof(path) - 1 - strlen(path)); path[sizeof(path) - 1] = '\0'; @@ -200,7 +199,7 @@ ZERO_STRUCT(sunaddr); sunaddr.sun_family = AF_UNIX; - strncpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path) - 1); + strlcpy(sunaddr.sun_path, path, sizeof(sunaddr.sun_path)); /* If socket file doesn't exist, don't bother trying to connect with retry. This is an attempt to make the system usable when ------- winbind_nss_aix.c ------- No differences encountered ------- winbind_nss_linux.c ------- --- /tmp/sccs.vhaOOC Thu Jul 27 16:25:40 2006 +++ ./nsswitch/winbind_nss_linux.c Thu Jul 27 16:10:55 2006 @@ -482,10 +482,8 @@ ZERO_STRUCT(response); ZERO_STRUCT(request); - strncpy(request.data.username, name, - sizeof(request.data.username) - 1); - request.data.username - [sizeof(request.data.username) - 1] = '\0'; + strlcpy(request.data.username, name, + sizeof(request.data.username)); ret = winbindd_request_response(WINBINDD_GETPWNAM, &request, &response); @@ -695,10 +693,8 @@ ZERO_STRUCT(request); ZERO_STRUCT(response); - strncpy(request.data.groupname, name, + strlcpy(request.data.groupname, name, sizeof(request.data.groupname)); - request.data.groupname - [sizeof(request.data.groupname) - 1] = '\0'; ret = winbindd_request_response(WINBINDD_GETGRNAM, &request, &response); @@ -818,8 +814,8 @@ ZERO_STRUCT(request); ZERO_STRUCT(response); - strncpy(request.data.username, user, - sizeof(request.data.username) - 1); + strlcpy(request.data.username, user, + sizeof(request.data.username)); ret = winbindd_request_response(WINBINDD_GETGROUPS, &request, &response); @@ -894,8 +890,7 @@ ZERO_STRUCT(request); ZERO_STRUCT(response); - strncpy(request.data.sid, user_sid,sizeof(request.data.sid) - 1); - request.data.sid[sizeof(request.data.sid) - 1] = '\0'; + strlcpy(request.data.sid, user_sid,sizeof(request.data.sid)); ret = winbindd_request_response(WINBINDD_GETUSERSIDS, &request, &response); @@ -936,9 +931,8 @@ ZERO_STRUCT(response); ZERO_STRUCT(request); - strncpy(request.data.name.name, name, - sizeof(request.data.name.name) - 1); - request.data.name.name[sizeof(request.data.name.name) - 1] = '\0'; + strlcpy(request.data.name.name, name, + sizeof(request.data.name.name)); ret = winbindd_request_response(WINBINDD_LOOKUPNAME, &request, &response); if (ret != NSS_STATUS_SUCCESS) { @@ -992,9 +986,8 @@ } - strncpy(request.data.sid, sid, - sizeof(request.data.sid) - 1); - request.data.sid[sizeof(request.data.sid) - 1] = '\0'; + strlcpy(request.data.sid, sid, + sizeof(request.data.sid)); ret = winbindd_request_response(WINBINDD_LOOKUPSID, &request, &response); if (ret != NSS_STATUS_SUCCESS) { @@ -1040,8 +1033,7 @@ ZERO_STRUCT(request); ZERO_STRUCT(response); - strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1); - request.data.sid[sizeof(request.data.sid) - 1] = '\0'; + strlcpy(request.data.sid, sid, sizeof(request.data.sid)); ret = winbindd_request_response(WINBINDD_SID_TO_UID, &request, &response); if (ret != NSS_STATUS_SUCCESS) { @@ -1070,8 +1062,7 @@ ZERO_STRUCT(request); ZERO_STRUCT(response); - strncpy(request.data.sid, sid, sizeof(request.data.sid) - 1); - request.data.sid[sizeof(request.data.sid) - 1] = '\0'; + strlcpy(request.data.sid, sid, sizeof(request.data.sid)); ret = winbindd_request_response(WINBINDD_SID_TO_GID, &request, &response); if (ret != NSS_STATUS_SUCCESS) { ------- winbind_nss_solaris.c ------- --- /tmp/sccs.4jaaPC Thu Jul 27 16:25:40 2006 +++ ./nsswitch/winbind_nss_solaris.c Thu Jul 27 16:01:17 2006 @@ -493,7 +493,7 @@ af = AF_INET6; #endif - strncpy(request.data.winsreq, argp->key.name, strlen(argp->key.name)) ; + strlcpy(request.data.winsreq, argp->key.name, strlen(argp->key.name)) ; if( (ret = winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response)) == NSS_STATUS_SUCCESS ) { @@ -515,7 +515,7 @@ ZERO_STRUCT(response); ZERO_STRUCT(request); - strncpy(request.data.winsreq, argp->key.name, strlen(argp->key.name)); + strlcpy(request.data.winsreq, argp->key.name, strlen(argp->key.name)); if( (ret = winbindd_request_response(WINBINDD_WINS_BYNAME, &request, &response)) == NSS_STATUS_SUCCESS ) { ------- pam_smb_passwd.c ------- --- /tmp/sccs.4mayPC Thu Jul 27 16:25:40 2006 +++ ./pam_smbpass/pam_smb_passwd.c Thu Jul 27 16:01:17 2006 @@ -178,8 +178,8 @@ CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler); return PAM_BUF_ERR; } - strncpy( Announce, greeting, sizeof(greeting) ); - strncpy( Announce+sizeof(greeting)-1, user, strlen(user)+1 ); + strlcpy( Announce, greeting, sizeof(greeting) ); + strlcpy( Announce+sizeof(greeting)-1, user, strlen(user)+1 ); #undef greeting set( SMB__OLD_PASSWD, ctrl ); ------- support.c ------- --- /tmp/sccs..paWPC Thu Jul 27 16:25:40 2006 +++ ./pam_smbpass/support.c Thu Jul 27 16:01:16 2006 @@ -348,8 +348,8 @@ if (data_name == NULL) { _log_err( LOG_CRIT, "no memory for data-name" ); } - strncpy( data_name, FAIL_PREFIX, sizeof(FAIL_PREFIX) ); - strncpy( data_name + sizeof(FAIL_PREFIX) - 1, name, strlen( name ) + 1 ); + strlcpy( data_name, FAIL_PREFIX, sizeof(FAIL_PREFIX) ); + strlcpy( data_name + sizeof(FAIL_PREFIX) - 1, name, strlen( name ) + 1 ); /* * The password we were given wasn't an encrypted password, or it ------- pdb_smbpasswd.c ------- --- /tmp/sccs.ctaiQC Thu Jul 27 16:25:40 2006 +++ ./passdb/pdb_smbpasswd.c Thu Jul 27 16:01:15 2006 @@ -398,7 +398,7 @@ */ SMB_ASSERT(sizeof(pstring) > sizeof(linebuf)); - strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); + strlcpy(user_name, linebuf, PTR_DIFF(p, linebuf)); user_name[PTR_DIFF(p, linebuf)] = '\0'; /* Get smb uid. */ @@ -809,8 +809,7 @@ SMB_ASSERT(sizeof(user_name) > sizeof(linebuf)); - strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); - user_name[PTR_DIFF(p, linebuf)] = '\0'; + strlcpy(user_name, linebuf, PTR_DIFF(p, linebuf)); if (strequal(user_name, pwd->smb_name)) { found_entry = True; break; ------- secrets.c ------- --- /tmp/sccs.7uaGQC Thu Jul 27 16:25:40 2006 +++ ./passdb/secrets.c Thu Jul 27 16:01:14 2006 @@ -773,8 +773,7 @@ } size = MIN(size, sizeof(fstring)-1); - strncpy(old_style_pw, data, size); - old_style_pw[size] = 0; + strlcpy(old_style_pw, data, size); SAFE_FREE(data); ------- findme.c ------- No differences encountered ------- popt.c ------- --- /tmp/sccs.PBaqRC Thu Jul 27 16:25:41 2006 +++ ./popt/popt.c Thu Jul 27 16:01:13 2006 @@ -595,7 +595,7 @@ *te = '\0'; t = realloc(t, tn); te = t + strlen(t); - strncpy(te, a, alen); te += alen; + strlcpy(te, a, alen); te += alen; continue; /*@notreached@*/ /*@switchbreak@*/ break; default: ------- popthelp.c ------- --- /tmp/sccs.ODaORC Thu Jul 27 16:25:41 2006 +++ ./popt/popthelp.c Thu Jul 27 16:01:13 2006 @@ -167,7 +167,7 @@ } else { size_t slen = 4*lineLength - (le - l) - sizeof("\"...\")"); *le++ = '"'; - strncpy(le, s, slen); le[slen] = '\0'; le += strlen(le); + strlcpy(le, s, slen); le[slen] = '\0'; le += strlen(le); if (slen < strlen(s)) { strcpy(le, "..."); le += strlen(le); } ------- lpq_parse.c ------- --- /tmp/sccs.5GaaSC Thu Jul 27 16:25:41 2006 +++ ./printing/lpq_parse.c Thu Jul 27 16:01:11 2006 @@ -801,7 +801,7 @@ #define LPRNT_PAUSED "Paused" memset(&parse_line, '\0', sizeof(parse_line)); - strncpy((char *) &parse_line, line, sizeof(parse_line) -1); + strlcpy((char *) &parse_line, line, sizeof(parse_line)); if (strlen((char *) &parse_line) != sizeof(parse_line) - 1) { return False; @@ -884,7 +884,7 @@ #define LPROS2_PAUSED "Paused" memset(&parse_line, '\0', sizeof(parse_line)); - strncpy((char *) &parse_line, line, sizeof(parse_line) -1); + strlcpy((char *) &parse_line, line, sizeof(parse_line)); if (strlen((char *) &parse_line) != sizeof(parse_line) - 1) { return False; ------- print_cups.c ------- --- /tmp/sccs.XKaySC Thu Jul 27 16:25:41 2006 +++ ./printing/print_cups.c Thu Jul 27 16:01:11 2006 @@ -896,8 +896,8 @@ LPQ_PRINTING; temp->priority = job_priority; temp->time = job_time; - strncpy(temp->fs_user, user_name, sizeof(temp->fs_user) - 1); - strncpy(temp->fs_file, job_name, sizeof(temp->fs_file) - 1); + strlcpy(temp->fs_user, user_name, sizeof(temp->fs_user)); + strlcpy(temp->fs_file, job_name, sizeof(temp->fs_file)); qcount ++; ------- print_iprint.c ------- --- /tmp/sccs.5NaWSC Thu Jul 27 16:25:42 2006 +++ ./printing/print_iprint.c Thu Jul 27 16:01:10 2006 @@ -1168,8 +1168,8 @@ LPQ_PRINTING; temp->priority = job_priority; temp->time = job_time; - strncpy(temp->fs_user, user_name, sizeof(temp->fs_user) - 1); - strncpy(temp->fs_file, job_name, sizeof(temp->fs_file) - 1); + strlcpy(temp->fs_user, user_name, sizeof(temp->fs_user)); + strlcpy(temp->fs_file, job_name, sizeof(temp->fs_file)); qcount ++; ------- reg_cachehook.c ------- --- /tmp/sccs.2PaiTC Thu Jul 27 16:25:42 2006 +++ ./registry/reg_cachehook.c Thu Jul 27 16:01:10 2006 @@ -86,7 +86,7 @@ } *key = '\\'; - strncpy( key+1, keyname, len+1); + strlcpy( key+1, keyname, len+1); /* swap to a form understood by the SORTED_TREE */ ------- parse_prs.c ------- --- /tmp/sccs.QSaGTC Thu Jul 27 16:25:42 2006 +++ ./rpc_parse/parse_prs.c Thu Jul 27 16:01:09 2006 @@ -1354,7 +1354,7 @@ } if (MARSHALLING(ps)) { - strncpy(tmp_str, *str, len); + strlcpy(tmp_str, *str, len); } if (!prs_string(name, ps, depth, tmp_str, len+1)) { ------- srv_eventlog_lib.c ------- --- /tmp/sccs.3Va4TC Thu Jul 27 16:25:42 2006 +++ ./rpc_server/srv_eventlog_lib.c Thu Jul 27 16:01:08 2006 @@ -668,7 +668,7 @@ stop++; } temp_len = strlen( stop ); - strncpy( temp, stop, temp_len ); + strlcpy( temp, stop, temp_len ); rpcstr_push( ( void * ) ( entry->data_record.source_name ), temp, sizeof( entry->data_record.source_name ), STR_TERMINATE ); @@ -682,7 +682,7 @@ stop++; } temp_len = strlen( stop ); - strncpy( temp, stop, temp_len ); + strlcpy( temp, stop, temp_len ); rpcstr_push( ( void * ) ( entry->data_record.computer_name ), temp, sizeof( entry->data_record.computer_name ), STR_TERMINATE ); @@ -696,7 +696,7 @@ stop++; } temp_len = strlen( stop ); - strncpy( temp, stop, temp_len ); + strlcpy( temp, stop, temp_len ); rpcstr_push( ( void * ) ( entry->data_record.sid ), temp, sizeof( entry->data_record.sid ), STR_TERMINATE ); @@ -711,7 +711,7 @@ } temp_len = strlen( stop ); memset( temp, 0, sizeof( temp ) ); - strncpy( temp, stop, temp_len ); + strlcpy( temp, stop, temp_len ); rpcstr_push( ( void * ) ( entry->data_record.strings + ( entry->data_record.strings_len / 2 ) ), temp, ------- srv_spoolss_nt.c ------- --- /tmp/sccs.8YaqUC Thu Jul 27 16:25:42 2006 +++ ./rpc_server/srv_spoolss_nt.c Thu Jul 27 16:01:07 2006 @@ -1220,7 +1220,7 @@ int n_services = lp_numservices(); len = MIN(len,sizeof(drivername)-1); - strncpy(drivername, buf, len); + strlcpy(drivername, buf, len); DEBUG(10,("do_drv_upgrade_printer: Got message for new driver [%s]\n", drivername )); @@ -1318,7 +1318,7 @@ int n_services = lp_numservices(); len = MIN( len, sizeof(drivername)-1 ); - strncpy( drivername, buf, len ); + strlcpy( drivername, buf, len ); DEBUG(10,("reset_all_printerdata: Got message for new driver [%s]\n", drivername )); @@ -6060,7 +6060,7 @@ if (numlines) { /* Set the portname to what the script says the portname should be. */ - strncpy(printer->info_2->portname, qlines[0], sizeof(printer->info_2->portname)); + strlcpy(printer->info_2->portname, qlines[0], sizeof(printer->info_2->portname)); DEBUGADD(6,("Line[0] = [%s]\n", qlines[0])); } ------- lanman.c ------- --- /tmp/sccs.U4aOUC Thu Jul 27 16:25:43 2006 +++ ./smbd/lanman.c Thu Jul 27 16:01:06 2006 @@ -3496,8 +3496,7 @@ { char buf[100]; - strncpy(buf,SERVICE(snum),sizeof(buf)-1); - buf[sizeof(buf)-1] = 0; + strlcpy(buf,SERVICE(snum),sizeof(buf)); strupper_m(buf); if (uLevel <= 1) { ------- mangle_hash2.c ------- --- /tmp/sccs.D8aaVC Thu Jul 27 16:25:43 2006 +++ ./smbd/mangle_hash2.c Thu Jul 27 16:01:05 2006 @@ -130,8 +130,7 @@ is the only place where we need to use a multi-byte string function */ length = MIN(length,sizeof(fstring)-1); - strncpy(str, key, length); - str[length] = 0; + strlcpy(str, key, length); strupper_m(str); /* the length of a multi-byte string can change after a strupper_m */ @@ -400,8 +399,7 @@ /* we found it - construct the full name */ if (name[8] == '.') { - strncpy(extension, name+9, 3); - extension[3] = 0; + strlcpy(extension, name+9, 4); } else { extension[0] = 0; } ------- tdbtest.c ------- No differences encountered ------- crypttest.c ------- --- /tmp/sccs.icaWVC Thu Jul 27 16:25:43 2006 +++ ./tests/crypttest.c Thu Jul 27 16:01:04 2006 @@ -689,7 +689,7 @@ * Setup key schedule */ clearmem(ktab, sizeof ktab); - strncpy(ktab, key, 8); + strlcpy(ktab, key, 8); ufc_mk_keytab(ktab); /* ------- os2_delete.c ------- No differences encountered ------- unixsock.c ------- --- /tmp/sccs.3faGWC Thu Jul 27 16:25:44 2006 +++ ./tests/unixsock.c Thu Jul 27 16:01:04 2006 @@ -53,7 +53,7 @@ /* Bind a name to the socket. */ name.sun_family = AF_LOCAL; - strncpy(name.sun_path, filename, sizeof (name.sun_path)); + strlcpy(name.sun_path, filename, sizeof (name.sun_path)); /* The size of the address is the offset of the start of the filename, ------- sharesec.c ------- --- /tmp/sccs.Aja4WC Thu Jul 27 16:25:44 2006 +++ ./utils/sharesec.c Thu Jul 27 16:01:03 2006 @@ -234,7 +234,7 @@ char *end_acl = strchr_m( pacl, ',' ); fstring acl_string; - strncpy( acl_string, pacl, MIN( PTR_DIFF( end_acl, pacl ), sizeof(fstring)-1) ); + strlcpy( acl_string, pacl, MIN( PTR_DIFF( end_acl, pacl ), sizeof(fstring)) ); acl_string[MIN( PTR_DIFF( end_acl, pacl ), sizeof(fstring)-1)] = '\0'; if ( !parse_ace( ctx, &ace[i], acl_string ) ) ------- smbget.c ------- --- /tmp/sccs.pmaqXC Thu Jul 27 16:25:44 2006 +++ ./utils/smbget.c Thu Jul 27 16:01:02 2006 @@ -94,8 +94,8 @@ printf("Username for %s at %s [guest] ", shr, srv); fgets(tmp, sizeof(tmp), stdin); if(tmp[strlen(tmp)-1] == '\n')tmp[strlen(tmp)-1] = '\0'; - strncpy(un, tmp, unlen-1); - } else if(username) strncpy(un, username, unlen-1); + strlcpy(un, tmp, unlen); + } else if(username) strlcpy(un, username, unlen); if(!nonprompt && !password) { char *prompt, *pass; @@ -102,10 +102,10 @@ asprintf(&prompt, "Password for %s at %s: ", shr, srv); pass = getpass(prompt); free(prompt); - strncpy(pw, pass, pwlen-1); - } else if(password) strncpy(pw, password, pwlen-1); + strlcpy(pw, pass, pwlen); + } else if(password) strncpy(pw, password, pwlen); - if(workgroup)strncpy(wg, workgroup, wglen-1); + if(workgroup)strlcpy(wg, workgroup, wglen); wgtmp = SMB_STRNDUP(wg, wglen); usertmp = SMB_STRNDUP(un, unlen); @@ -204,7 +204,7 @@ static char buffer[100]; int secs, mins, hours; if(t < -1) { - strncpy(buffer, "Unknown", sizeof(buffer)); + strlcpy(buffer, "Unknown", sizeof(buffer)); return buffer; } ------- swat.c ------- --- /tmp/sccs.DpaOXC Thu Jul 27 16:25:44 2006 +++ ./web/swat.c Thu Jul 27 16:00:59 2006 @@ -86,7 +86,7 @@ while (*str) { if ( *str == '\"' && (newstring_len - PTR_DIFF(p, newstring) - 1) > quote_len ) { - strncpy( p, """, quote_len); + strlcpy( p, """, quote_len); p += quote_len; } else { *p++ = *str;