Multiple choice technology security

The options show various uses of strncpy. Choose which use of strncpy is most secure while not wasting storage space at dst? Src is an untrusted input obtained from an external source.

  1. Strncpy(dst,src,len(dst))

  2. Strncpy(dst,src,len(src)+1)

  3. Strncpy(dst,src,len(dst)+1)

  4. Strncpy(dst,src,len(dst)-1)

Reveal answer Fill a bubble to check yourself
D Correct answer
Explanation

Using strncpy(dst, src, sizeof(dst) - 1) ensures that we do not overflow the destination buffer and reserves space to manually append a null terminator \0 at dst[sizeof(dst)-1], making it the most secure of the options.