Hi,
the strlcpy() included with ngircd is broken. It will always return values smaller than the specified buffer length. This is very bad because you can no longer tell if truncation occured by looking at the return value (hence, the truncation checks in ngircd won't work if the included strlcpy is used).
Trivial patch is attached.
Florian
Hi Florian!
the strlcpy() included with ngircd is broken. It will always return values smaller than the specified buffer length. This is very bad because you can no longer tell if truncation occured by looking at the return value (hence, the truncation checks in ngircd won't work if the included strlcpy is used).
This code has been taken from "compat.c" included in rsync. This bug has been discovered there many(?) months ago and has been fixed there. -- But not in our code ... :-/
Ugly.
Everybody not using systems that implement strlcpy() in the C library should apply this patch! "Modern" systems are safe: recent versions of Linux (glibc), FreeBSD, Mac OS X ...
Trivial patch is attached.
Applied to CVS-HEAD and branch-0-8-x. Thanks a lot!
Regards Alex
-
Alexander Barton -
Florian Westphal