std.file functions and embedded NUL characters [CWE-158]
Steven Schveighoffer
schveiguy at gmail.com
Fri Aug 1 18:13:57 UTC 2025
On Friday, 1 August 2025 at 17:53:17 UTC, Steven Schveighoffer
wrote:
> If instead you check every character, you will change to a for
> loop, which will be slow.
>
> I think the right answer here is to use
> [strncpy](https://cplusplus.com/reference/cstring/strncpy/).
> According to the docs, strncpy will copy up to N characters.
> But if a NUL character is reached before end of the string,
> then it zeroes the rest of the buffer. This means we can detect
> whether a 0 was inside the string by checking the last byte
> copied.
https://github.com/dlang/phobos/issues/10836
Would be quite an easy fix if someone wants to tackle it.
-Steve
More information about the Digitalmars-d
mailing list