Re: tor callgrinds
On Fri, Feb 16, 2007 at 09:19:51PM -0500, Watson Ladd wrote:
> I couldn't help but notice a strncpy in the diagrams. That's
> inefficient, and insecure. The reason is that strncpy fills the entire
> rest of the target string with \x00 but might not do it if the sizes
> differ. Use strlcpy instead! It's almost a drop in replacement, faster,
> and more secure.
> Thanks,
> Watson Ladd
>
>
Without the visualizer itself it can be difficult to find the context just
by looking at a snapshot.
It's mainly being called from _tor_strndup(), from what I can see, which
specifically notes:
/** Allocate and return a new string containing the first <b>n</b>
 * characters of <b>s</b>.  If <b>s</b> is longer than <b>n</b>
 * characters, only the first <b>n</b> are copied.  The result is
 * always NUL-terminated.  (Like strndup(s,n), but never returns
 * NULL.)
 */
char *
_tor_strndup(const char *s, size_t n DMALLOC_PARAMS)
{
  char *dup;
  tor_assert(s);
  dup = _tor_malloc((n+1) DMALLOC_FN_ARGS);
  /* Performance note: Ordinarily we prefer strlcpy to strncpy.  But
   * this function gets called a whole lot, and platform strncpy is
   * much faster than strlcpy when strlen(s) is much longer than n.
   */
  strncpy(dup, s, n);
  dup[n]='\0';
  return dup;
}
-cl
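
The trade-off discussed in this thread, as an added example that is not part of the original message or of Tor's source: strncpy writes no terminator when the source is at least n bytes long and zero-pads when it is shorter, while a strlcpy-style copy has to read the whole source to produce its return value. The names `demo_strlcpy`, `demo_strndup` and `strncpy_nul_count` are hypothetical, and the input strings are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical strlcpy-style copy (not libc's, not Tor's). It returns
 * strlen(src), so it reads src to its end; *nread reports how many bytes. */
static size_t demo_strlcpy(char *dst, const char *src, size_t size, size_t *nread)
{
  size_t len = strlen(src);          /* walks the whole source */
  *nread = len + 1;
  if (size > 0) {
    size_t ncopy = len < size - 1 ? len : size - 1;
    memcpy(dst, src, ncopy);
    dst[ncopy] = '\0';
  }
  return len;
}

/* The pattern from the post: strncpy plus an explicit terminator.
 * Unlike Tor's wrapper, this returns NULL if malloc fails. */
static char *demo_strndup(const char *s, size_t n)
{
  char *dup = malloc(n + 1);
  if (!dup) return NULL;
  strncpy(dup, s, n);   /* writes no NUL when strlen(s) >= n */
  dup[n] = '\0';        /* the line that makes the result a string */
  return dup;
}

/* Counts NUL bytes strncpy alone wrote into the first n bytes:
 * 0 means unterminated, more than 1 shows the zero padding. */
static size_t strncpy_nul_count(const char *s, size_t n)
{
  char buf[64];
  size_t i, nuls = 0;
  if (n > sizeof buf) n = sizeof buf;
  memset(buf, 'X', sizeof buf);
  strncpy(buf, s, n);
  for (i = 0; i < n; i++) nuls += (buf[i] == '\0');
  return nuls;
}

int main(void)
{
  char *d = demo_strndup("abcdefgh", 4);   /* constructed input */
  printf("dup=%s nul_long=%zu nul_short=%zu\n", d ? d : "(null)",
         strncpy_nul_count("abcdefgh", 4), strncpy_nul_count("ab", 8));
  free(d);
}
```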