1. 9

This is why strlcpy was invented: https://www.freebsd.org/cgi/man.cgi?query=strlcpy&sektion=3


    1. 1

      strncpy takes an extra argument, another value the developer can get wrong. Why is passing three arguments safer than passing two? There is 50% more to get wrong.

      One argument for strncpy being safer is that the extra argument provides more information for consistency checking. But I don’t have any data showing that consistency checking has benefits that outweigh the cost of the extra argument.

      1. 3

        I don’t think this is a great argument. It would imply globals are better than parameters, because you’ll never pass the wrong one.

        1. 1

          Of course, strcopy also includes this argument in the form of the null terminator on the source string. It’s therefore implicit, conventional and actually easier to screw up than manually bookkeeping a length.

      2. 3

        That’s why I always open the man-page/documentation before using a function. Until I know the man-page by heart I will reopen the man-page and even then - better safe than sorry.

        It is a bit funny how auto-completion in many cases would only give a false sense of understanding. But maybe it’s better than when I was using it. One could argue that it’s C’s fault, but surprising behavior can happen in every language and especially in an older one.

        1. 3

          Shouldn’t the role of the language be to limit surprise?

            1. 2

              gets was removed in C11
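The termination difference between strncpy and strlcpy that this thread turns on, as an added example that is not part of any comment above. `demo_strlcpy` is a hypothetical local helper written to the semantics in the linked FreeBSD man page (so the code builds where libc lacks strlcpy), and the 8-byte buffer and input strings are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper with the semantics in the FreeBSD strlcpy(3) man page:
 * copy at most size-1 bytes, NUL-terminate when size > 0, return strlen(src). */
static size_t demo_strlcpy(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);
    if (size != 0) {
        size_t n = (srclen < size - 1) ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* 1 if the 8-byte destination holds a NUL after strncpy(dst, src, 8). */
int strncpy_terminates(const char *src)
{
    char dst[8];
    memset(dst, 'X', sizeof dst);
    strncpy(dst, src, sizeof dst);   /* writes no NUL when strlen(src) >= 8 */
    return memchr(dst, '\0', sizeof dst) != NULL;
}

/* 1 if src did not fit; *terminated reports whether dst holds a NUL. */
int strlcpy_truncated(const char *src, int *terminated)
{
    char dst[8];
    memset(dst, 'X', sizeof dst);
    size_t need = demo_strlcpy(dst, src, sizeof dst);
    *terminated = memchr(dst, '\0', sizeof dst) != NULL;
    return need >= sizeof dst;       /* caller-visible truncation signal */
}

int main(void)
{
    const char *inputs[] = { "short", "exactly8", "much too long" }; /* constructed */
    for (size_t i = 0; i < 3; i++) {
        int term, trunc = strlcpy_truncated(inputs[i], &term);
        printf("%-14s strncpy NUL=%d | strlcpy NUL=%d truncated=%d\n",
               inputs[i], strncpy_terminates(inputs[i]), term, trunc);
    }
    return 0;
}
```

Both calls take the same three arguments; the difference is that the strlcpy-style copy always leaves a terminated destination and returns the length it needed, so truncation can be checked instead of silently producing an unterminated buffer.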

