
Lit. Buffer overruns 1681



Others have already noted this is wrong; fgets always fits a impossible to fit anything) and not EOF or I/O error (with return value NULL which should be checked).

However, the %s and %[ conversions of *scanf *do* have this problem. E.g. %10s will read and store up to 10 characters (delimited by whitespace) PLUS a nul terminator, requiring a char[11] variable. This is especially annoying because you cannot feed a variable size to a *scanf specifier with '*' as you can for *printf.

This sequence is unsafe. If strlen(src) is greater or equal to N, here length is strictly less than N, then strncpy pads with nuls, which ensures at least one.) If the buffer is local (automatic), which it must be if declared as shown adjacent to a statement, and not explicitly initialized, now it doesn't contain a nul terminator for strncat to append to, or any subsequent use as a string like strlen, strcpy to somewhere else, *printf %s etc.

The safe but clumsy way to use strncpy is something like strncpy (buf, whatever, sizeof buf -1); buf [sizeof buf -1] = '\0'; Because strncpy returns its first (pointer) argument, you can actually do this in one (expression and) statement strncpy (buf, whatever, sizeof buf -1) [sizeof buf -1] = 0; but the two seconds you save coding will be more than outweighed by the hundreds of hours you will have to spend explaining this to almost every person ever who reads your code.


OTOH that strncat call is the exactly correct way, as long as buf does contain a valid (nul-terminated) string when it is reached.

Berkeley strlcpy/cat do, and don't require the annoying -strlen(already) adjustment. But they aren't standard.

- David.Thompson1 at worldnet.att.net
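
The points made in the post above, as an added C example that is not part of the original post: the terminate-by-hand strncpy idiom, the strncat size adjustment, and the 11 bytes that %10s writes. The function names are hypothetical, and the sample strings are constructed.

```c
#include <stdio.h>
#include <string.h>

/* The "safe but clumsy" idiom: copy at most cap-1 bytes, then terminate
   by hand. Returns 1 if src was truncated. (Hypothetical helper name.) */
int copy_bounded(char *dst, size_t cap, const char *src)
{
    if (cap == 0) return 1;            /* no room even for the nul */
    strncpy(dst, src, cap - 1);
    dst[cap - 1] = '\0';
    return strlen(src) >= cap;
}

/* strncat with the -strlen(already) adjustment. dst must already hold a
   valid string shorter than cap. Returns 1 if src was truncated. */
int append_bounded(char *dst, size_t cap, const char *src)
{
    size_t room = cap - strlen(dst) - 1;
    strncat(dst, src, room);           /* strncat always adds the nul */
    return strlen(src) > room;
}

/* strncpy alone: returns 1 if no nul was stored in the first n bytes.
   The buffer is pre-filled so that inspecting it is well defined. */
int strncpy_left_unterminated(const char *src, size_t n)
{
    char buf[32];
    memset(buf, 'X', sizeof buf);
    if (n > sizeof buf) n = sizeof buf;
    strncpy(buf, src, n);
    return memchr(buf, '\0', n) == NULL;
}

/* %10s stores up to 10 characters plus a nul, so out must be char[11].
   Returns the number of bytes written, terminator included. */
size_t scan_word10(const char *input, char out[11])
{
    memset(out, 'X', 11);
    if (sscanf(input, "%10s", out) != 1) return 0;
    return strlen(out) + 1;
}

int main(void)
{
    char b[8], w[11];
    int cut = copy_bounded(b, sizeof b, "overlong-input");
    printf("%s truncated=%d\n", b, cut);
    printf("bytes written by %%10s: %zu\n", scan_word10("abcdefghijklmnop", w));
    return 0;
}
```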




Alt Folklore Computers from Newsgroups
