Look at the following code snippet. You may assume that escape() argument is always non-null and…

Look at the following code snippet. You may assume that escape()
argument is always non-null and points to a ’’- terminated
string. What’s wrong with this code (from a security point of
view)?
/*Escapes all newlines in the input string, replacing them
with”n”.*/
/* Requires: p != NULL; p is a valid ’’-terminated string
*/
void escape(char *p)
{ while (*p != ’’) switch (*p)
{ case ’n’: memcpy(p+2, p+1, strlen(p));
*p++ = ’\’; *p++ = ’n’;
break;
default:
p++;
}
}
Can you also explain what is happening in the code?