diff options
| -rw-r--r-- | man3/strcpy.3 | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/man3/strcpy.3 b/man3/strcpy.3 index 06b00bbefd..e5ebf22e54 100644 --- a/man3/strcpy.3 +++ b/man3/strcpy.3 @@ -30,7 +30,7 @@ .\" 2007-06-15, Marc Boyer <marc.boyer@enseeiht.fr> + mtk .\" Improve discussion of strncpy(). .\" -.TH STRCPY 3 2008-09-25 "GNU" "Linux Programmer's Manual" +.TH STRCPY 3 2008-10-28 "GNU" "Linux Programmer's Manual" .SH NAME strcpy, strncpy \- copy a string .SH SYNOPSIS @@ -123,10 +123,14 @@ if (n > 0) .SH BUGS If the destination string of a .BR strcpy () -is not large enough -(that is, if the programmer was stupid or lazy, and failed to check -the size before copying) then anything might happen. -Overflowing fixed-length strings is a favorite cracker technique. +is not large enough, then anything might happen. +Overflowing fixed-length string buffers is a favorite cracker technique +for taking complete control of the machine. +Any time a program reads or copies data into a buffer, +the program first needs to check that there's enough space. +This may be unnecessary if you can show that overflow is impossible, +but be careful: programs can get changed over time, +in ways that may make the impossible possible. .SH "SEE ALSO" .BR bcopy (3), .BR memccpy (3), |