| author | Jason Spiro <jasonspiro4@gmail.com> | 2008-10-28 14:57:15 -0500 |
|---|---|---|
| committer | Michael Kerrisk <mtk.manpages@gmail.com> | 2008-10-29 14:54:25 -0500 |
| commit | 9031fc7ae51686d6eb956dda27bad09e3bfd1be5 (patch) | |
| tree | 716c2b8570f8c444d366cf83d8db303f9cfb1ec0 /man3/strcpy.3 | |
| parent | 71b2fb380d904bed0a7be376c796a7229ae84522 (diff) | |
| download | man-pages-9031fc7ae51686d6eb956dda27bad09e3bfd1be5.tar.gz | |
strcpy.3: Strengthen warning about checking against buffer overruns
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=413940
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
Diffstat (limited to 'man3/strcpy.3')
| -rw-r--r-- | man3/strcpy.3 | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/man3/strcpy.3 b/man3/strcpy.3 index 06b00bbefd..e5ebf22e54 100644 --- a/man3/strcpy.3 +++ b/man3/strcpy.3 @@ -30,7 +30,7 @@ .\" 2007-06-15, Marc Boyer <marc.boyer@enseeiht.fr> + mtk .\" Improve discussion of strncpy(). .\" -.TH STRCPY 3 2008-09-25 "GNU" "Linux Programmer's Manual" +.TH STRCPY 3 2008-10-28 "GNU" "Linux Programmer's Manual" .SH NAME strcpy, strncpy \- copy a string .SH SYNOPSIS @@ -123,10 +123,14 @@ if (n > 0) .SH BUGS If the destination string of a .BR strcpy () -is not large enough -(that is, if the programmer was stupid or lazy, and failed to check -the size before copying) then anything might happen. -Overflowing fixed-length strings is a favorite cracker technique. +is not large enough, then anything might happen. +Overflowing fixed-length string buffers is a favorite cracker technique +for taking complete control of the machine. +Any time a program reads or copies data into a buffer, +the program first needs to check that there's enough space. +This may be unnecessary if you can show that overflow is impossible, +but be careful: programs can get changed over time, +in ways that may make the impossible possible. .SH "SEE ALSO" .BR bcopy (3), .BR memccpy (3), |
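Review bot: In the BUGS hunk (@@ -123,10 +123,14 @@), the added sentence "the program first needs to check that there's enough space" tells the reader to check but not what to compare. For strcpy() the check has to include the terminating null byte, so strlen(src) + 1 must not exceed the size of the destination; suggest saying so explicitly, since an off-by-one here is the usual way a "checked" copy still overflows. In the same hunk, "for taking complete control of the machine" overstates the general case: an overflow gives control of the program at whatever privilege it runs with, so "of the program" would be more accurate.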
