strcpy -> strlcpy?

Anil Madhavapeddy anil at
Sun Jan 2 18:13:44 PST 2005

On Sat, Jan 01, 2005 at 11:02:18AM -0800, Matthew Dillon wrote:
> I think the answer is 'yes', because it makes audits easier, but
> it's also very easy to make mistakes when doing such conversions
> (e.g. like accidently using sizeof(variable) where variable is a
> pointer rather then a buffer), so any such patches would have to
> be carefully reviewed.  Feed them slowly :-)

If you're interested, we've got some simple modifications in the OpenBSD
gcc (both 2.95 and 3.3) which checks for these kinds of errors.  It
does need relevant functions like strlcpy(3) to be marked up with
attributes to indicate which arguments are buffers and which are buffer

I haven't had a chance to feed these back into gcc, but they should be
pretty easy to extract from the OpenBSD tree, and are documented here:

Anil Madhavapeddy                       
University of Cambridge                

More information about the Kernel mailing list