introduced my_strlcpy

This commit is contained in:
Sergey Lyubka 2010-05-10 09:50:20 +02:00
parent d94c3f8b64
commit f46e4fac19

View File

@ -158,6 +158,11 @@ static struct message *new_message(void) {
return message; return message;
} }
static void my_strlcpy(char *dst, const char *src, size_t len) {
strncpy(dst, src, len);
dst[len - 1] = '\0';
}
// A handler for the /ajax/send_message endpoint. // A handler for the /ajax/send_message endpoint.
static void ajax_send_message(struct mg_connection *conn, static void ajax_send_message(struct mg_connection *conn,
const struct mg_request_info *request_info) { const struct mg_request_info *request_info) {
@ -178,8 +183,8 @@ static void ajax_send_message(struct mg_connection *conn,
// TODO(lsm): JSON-encode all text strings // TODO(lsm): JSON-encode all text strings
session = get_session(conn); session = get_session(conn);
assert(session != NULL); assert(session != NULL);
strlcpy(message->text, text, sizeof(text)); my_strlcpy(message->text, text, sizeof(text));
strlcpy(message->user, session->user, sizeof(message->user)); my_strlcpy(message->user, session->user, sizeof(message->user));
pthread_rwlock_unlock(&rwlock); pthread_rwlock_unlock(&rwlock);
} }
@ -276,7 +281,7 @@ static void authorize(struct mg_connection *conn,
// authentication. The danger of doing this is that session cookie can // authentication. The danger of doing this is that session cookie can
// be stolen and an attacker may impersonate the user. // be stolen and an attacker may impersonate the user.
// Secure application must use HTTPS all the time. // Secure application must use HTTPS all the time.
strlcpy(session->user, user, sizeof(session->user)); my_strlcpy(session->user, user, sizeof(session->user));
snprintf(session->random, sizeof(session->random), "%d", rand()); snprintf(session->random, sizeof(session->random), "%d", rand());
generate_session_id(session->session_id, session->random, generate_session_id(session->session_id, session->random,
session->user, request_info); session->user, request_info);