15-06-2023, 01:06 PM
I have a philosophical question.
Example code:
void foo() {
char buf[128];
strncpy(buf, "hello", 128);
}
The strncpy call does not have any undefined behavior. It will write "hello" in the buffer. Writing 6 bytes in a 128 byte buffer is not undefined behavior.
Does this code then violate rule 21.18? The third argument is larger than the size of the string literal.
Reading the amplification, it seems to me the code in non-compliant.
Reading the rationale, the point of this rule is to avoid buffer overflows. Since there is no buffer overflow does it mean the code is compliant?
Example code:
void foo() {
char buf[128];
strncpy(buf, "hello", 128);
}
The strncpy call does not have any undefined behavior. It will write "hello" in the buffer. Writing 6 bytes in a 128 byte buffer is not undefined behavior.
Does this code then violate rule 21.18? The third argument is larger than the size of the string literal.
Reading the amplification, it seems to me the code in non-compliant.
Reading the rationale, the point of this rule is to avoid buffer overflows. Since there is no buffer overflow does it mean the code is compliant?