On Monday 28 February 2011 02:15:47, Michael Snyder wrote:
{
- strcpy(myregexp, regexp);
+ strncpy(myregexp, regexp, sizeof (myregexp) - 1);
Such fixes ain't that much better. At the bare least, you'd
need to null terminate the result, as strncpy does not do that
for you if REGEXP is large enough --- strncpy was not
designed as a safe strcpy. And then proceeding as if nothing
happened when `myregexp' isn't large enough is just b0rked.
if (myregexp[strlen(myregexp) - 1] == '$') /* end of selector */
myregexp[strlen(myregexp) - 1] = ']'; /* end of method name */