More thinking securely...

Dave Leimbach leimySPAM2k at mac.com
Wed Dec 10 12:16:36 PST 2003


Matthew Dillon <dillon at xxxxxxxxxxxxxxxxxxxx> writes:

> :
> :>     'safe' situations where old functions are used (like
> :>     sprintf(buf, "%d", v)), simply because then the audited 
> :
> :Safe?
> :
> :	char buf[8];
> :	sprintf(buf, "%d", v);
> :
> :> 
> 
>     If 'v' is a short :-)

Then you would actually want
sprintf(buf, "%hd", v); 
I think :)

> 
>     Most programmers don't make that mistake.. that is, it isn't a common
>     mistake.  A more common mistake is to use strcpy() and strcat() without
>     checking for possible overflows.


Right... :)  



> 
> 					-Matt
> 					Matthew Dillon 
> 					<dillon at xxxxxxxxxxxxx>
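
Added example, not part of the original message or written by either poster: the `char buf[8]` case from the thread, formatted with `snprintf()` so the required length can be checked, plus a bounded append in place of the unchecked `strcat()` mentioned above. The names `DEC_BUFSZ`, `fmt_int` and `append_checked` are hypothetical, and a 32-bit `int` with a 16-bit `short` is assumed.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Worst-case bytes to print a signed integer type in decimal:
 * digits (~0.302 per bit, rounded up) + sign + terminating NUL. */
#define DEC_BUFSZ(type) (sizeof(type) * CHAR_BIT * 302 / 1000 + 3)

/* Format v into buf without ever writing past size bytes.
 * Returns the length the full text needs (excluding NUL);
 * *fits is 1 only when buf holds the complete string. */
int fmt_int(char *buf, size_t size, int v, int *fits)
{
    int n = snprintf(buf, size, "%d", v);
    *fits = (n >= 0 && (size_t)n < size);
    return n;
}

/* Bounded replacement for strcat(): append src to the string in dst
 * (capacity size). Returns 0, or -1 and leaves dst untouched if the
 * result would not fit or dst is not NUL-terminated within size. */
int append_checked(char *dst, size_t size, const char *src)
{
    const char *end = memchr(dst, '\0', size);
    size_t used, add = strlen(src);

    if (end == NULL)
        return -1;
    used = (size_t)(end - dst);
    if (add >= size - used)
        return -1;
    memcpy(dst + used, src, add + 1);
    return 0;
}

int main(void)
{
    char buf[8], s[8] = "abc";      /* constructed sample buffers */
    int fits, need;

    need = fmt_int(buf, sizeof buf, INT_MIN, &fits);
    printf("int:   needs %d+1 bytes, fits in 8: %d\n", need, fits);
    need = fmt_int(buf, sizeof buf, SHRT_MIN, &fits);
    printf("short: needs %d+1 bytes, fits in 8: %d\n", need, fits);
    printf("append ok: %d\n", append_checked(s, sizeof s, "defg"));
    printf("append overflow: %d (%s)\n", append_checked(s, sizeof s, "h"), s);
    return 0;
}
```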




