DragonFly BSD
DragonFly kernel List (threaded) for 2003-12

RE: More thinking securely...


From: <jarkko.hietaniemi@xxxxxxxxx>
Date: Thu, 11 Dec 2003 10:31:58 +0200

> :Safe?
> :
> :	char buf[8];
> :	sprintf(buf, "%d", v);
> :
> :> 
> 
>     If 'v' is a short :-)
> 
>     Most programmers don't make that mistake.. that is, it isn't a common
>     mistake.  A more common mistake is to use strcpy() and strcat() without
>     checking for possible overflows.

Agreed.  The real-life example I showed was (of course :-) simplified.  What really
happened was more like this:

	numeric_type_t v;
	char buf[enough_for_numeric_type_t_using_a_certain_sprintf_format_and_the_nul];
	sprintf(buf, format_string_right_for_the_numeric_type_t, v);

and then later someone in a header changing the definition of the numeric_type_t
to allow greater range.
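
The failure described above, reworked as an added example (not code from the original message): the buffer size is derived from the type itself and snprintf's return value is checked, so widening the typedef cannot silently overflow. The choice of long long for numeric_type_t and the names DEC_BUFSIZE, format_numeric and format_into_stale_buffer are assumptions made for illustration.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical stand-in for the numeric_type_t in the message above. */
typedef long long numeric_type_t;

/* Upper bound on the characters needed to print a signed integer of type T
 * in decimal: bits * log10(2) digits (0.302 rounds the factor up), plus one
 * for the rounded-down digit, one for the sign and one for the NUL. */
#define DEC_BUFSIZE(T) (sizeof(T) * CHAR_BIT * 302 / 1000 + 3)

/* The "%jd" conversion below is only correct while the type fits intmax_t. */
_Static_assert(sizeof(numeric_type_t) <= sizeof(intmax_t),
               "numeric_type_t is wider than intmax_t");

/* Format v into buf. Returns 0 on success, -1 if the text did not fit;
 * snprintf never writes more than buflen bytes either way. */
int format_numeric(char *buf, size_t buflen, numeric_type_t v)
{
    int n = snprintf(buf, buflen, "%jd", (intmax_t)v);
    return (n < 0 || (size_t)n >= buflen) ? -1 : 0;
}

/* Buffer sized for an old, narrower definition (constructed case: a 16-bit
 * type needs 7 bytes). After the typedef is widened the call reports
 * truncation instead of writing past the end of the array. */
int format_into_stale_buffer(numeric_type_t v)
{
    char stale[7];
    return format_numeric(stale, sizeof stale, v);
}

int main(void)
{
    char buf[DEC_BUFSIZE(numeric_type_t)];
    if (format_numeric(buf, sizeof buf, LLONG_MIN) == 0)
        printf("%s fits in %zu bytes\n", buf, sizeof buf);
    printf("stale buffer: %d\n", format_into_stale_buffer(LLONG_MIN));
    return 0;
}
```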
