On Fri, May 6, 2011 at 3:52 PM, John Scipione <jscipione@xxxxxxxxx> wrote:
> strcmp as does strncmp with length 1 returns 102 which will evaluate to true
> for non null-terminated (but not blank) string. This is a potential security
> exploit. Okay okay, so, the chances of a non null-terminated string are low
> so maybe I am just being paranoid here but I am kind of surprised that this
> tomfoolery actually worked. I mean, strcmp() isn't supposed to return 102
> ever, only -1, 0, or 1!

Incorrect, all the standard requires is that the integer be > 0 in one case
and < 0 in the other, cf.
http://pubs.opengroup.org/onlinepubs/009695399/functions/strcmp.html

Regards,
Rene
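
An added example, not code from this thread or from the project under discussion: it shows a comparison that depends only on the sign of strcmp()'s result, as the reply describes, next to a fragile test for the literal value 1, plus a bounded check that refuses buffers with no terminator. All function names and the sample buffer are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample: four bytes with no terminating NUL. */
const char sample_raw[4] = { 'f', 'o', 'o', '!' };

/* Collapse a strcmp()-style result to -1, 0 or 1; only the sign is specified. */
int cmp_sign(int r)
{
    return (r > 0) - (r < 0);
}

/* Fragile: assumes "greater" is reported as exactly 1. An implementation may
 * return any positive value, so this can be false for a greater string. */
int is_greater_fragile(const char *a, const char *b)
{
    return strcmp(a, b) == 1;
}

/* Portable: tests the sign only. */
int is_greater(const char *a, const char *b)
{
    return strcmp(a, b) > 0;
}

/* Classify buf[0..cap): 1 = terminated and non-empty, 0 = empty string,
 * -1 = NULL, zero capacity, or no NUL within cap bytes. A -1 result means
 * the buffer must not be handed to strcmp() or strlen(). */
int bounded_nonempty(const char *buf, size_t cap)
{
    if (buf == NULL || cap == 0 || memchr(buf, '\0', cap) == NULL)
        return -1;
    return buf[0] != '\0';
}

int main(void)
{
    /* The fragile result is implementation-dependent; the portable one is not. */
    printf("fragile:  %d\n", is_greater_fragile("f", ""));
    printf("portable: %d\n", is_greater("f", ""));
    printf("sign:     %d\n", cmp_sign(strcmp("f", "")));
    printf("raw buf:  %d\n", bounded_nonempty(sample_raw, sizeof sample_raw));
    return 0;
}
```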