On Thu, Aug 27, 2020 at 1:58 AM Nick Desaulniers ndesaulniers@google.com wrote:
On Wed, Aug 26, 2020 at 9:57 AM Joe Perches joe@perches.com wrote:
On Thu, 2020-08-27 at 01:49 +0900, Masahiro Yamada wrote:
I do not have time to keep track of the discussion fully, but could you give me a little more context why the usage of stpcpy() is not recommended ?
The implementation of strcpy() is almost the same. It is unclear to me what makes stpcpy() unsafe..
https://lore.kernel.org/lkml/202008150921.B70721A359@keescook/
It's the same thing that makes strcpy unsafe:
Unchecked buffer lengths with no guarantee src is terminated.
OK, then stpcpy(), strcpy() and sprintf() have the same level of unsafety.
strcpy() is used everywhere.
I am not convinced why only stpcpy() should be hidden.