Replace strncpy and strcpy altogether with calls to snprintf. It takes a fixed b... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		tonysdg on Jan 20, 2019 \| parent \| context \| favorite \| on: Inside the C Standard Library Replace strncpy and strcpy altogether with calls to snprintf. It takes a fixed buffer size, terminates correctly with the null character, and safely does everything strncpy does and more. It's a POSIX standard, so it should be portable to most systems too. And yes, maybe it'll impact performance. Worry about that _after_ you profile your code and have the numbers to show it -- I'd bet good money that 95% of developers will never need to worry about it.

rurban on Jan 28, 2019 [–]

snprintf is the same trash, just slower. See eg. http://blog.infosectcbr.com.au/2018/11/memory-bugs-in-multip... discussing the need of an improved scnprintf in the Linux kernel.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact