More thinking securely...
Dave Leimbach
leimySPAM2k at mac.com
Wed Dec 10 07:15:12 PST 2003
Dave Leimbach <leimySPAM2k at xxxxxxx> writes:
> <jarkko.hietaniemi at xxxxxxxxx> writes:
>
> > > 'safe' situations where old functions are used (like
> > > sprintf(buf, "%d", v)), simply because then the audited
> >
> > Safe?
> >
> > char buf[8];
> > sprintf(buf, "%d", v);
>
> You need to know how many decimal digits are in an "int" to feel good
> about that code. Then you have to leave room for the '\0';
>
> C++ stringstream anyone? :) [Oooh... I said a cuss word in a Unix/BSD
> commmunity - "C++".]
>
> Type safety has some advantages.... and I don't care how the hell clever you
> are with stdint.h from C99. You still have to know what the printf format
> strings are going to do.
>
> "%hhd" = char sized decimal
> "%hd" = short sized decimal
> "%d" = int sized decimal
> "%ld" = long sized decimal
> "%lld" = long long sized decimal.
>
> There is no format string I am aware of that can do %64d for a 64bit
> integer. Of course that doesn't mean they don't exist... I am just not
> aware of them :)
Bill Fenner corrected me :). inttypes.h has exactly this information. :)
Dave
More information about the Kernel
mailing list