More thinking securely...
Matthew Dillon
dillon at apollo.backplane.com
Wed Dec 10 11:53:24 PST 2003
:
:> 'safe' situations where old functions are used (like
:> sprintf(buf, "%d", v)), simply because then the audited
:
:Safe?
:
: char buf[8];
: sprintf(buf, "%d", v);
:
:>
If 'v' is a short :-)
Most programmers don't make that mistake... that is, it isn't a common
mistake. A more common mistake is to use strcpy() and strcat() without
checking for possible overflows.
-Matt
Matthew Dillon
<dillon at xxxxxxxxxxxxx>
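
The sizing point in this exchange, as an added example that is not part of the original post: `sprintf(buf, "%d", v)` into `char buf[8]` fits every 16-bit short but not every 32-bit int, and the bounded variants below report truncation instead of writing past the buffer. The function names are hypothetical, and a 16-bit short and 32-bit int are assumed.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Bytes, including the terminating NUL, that a decimal rendering of v
 * needs. snprintf with a NULL buffer and size 0 only measures (C99). */
size_t decimal_size(long long v)
{
    return (size_t)snprintf(NULL, 0, "%lld", v) + 1;
}

/* Bounded form of sprintf(buf, "%d", v).
 * Returns 0 if the whole number fit, -1 if it was truncated. */
int format_int(char *buf, size_t size, int v)
{
    int n = snprintf(buf, size, "%d", v);
    return (n >= 0 && (size_t)n < size) ? 0 : -1;
}

/* Bounded form of strcpy(dst, a); strcat(dst, b).
 * Returns 0 if both strings fit, -1 if the result was truncated. */
int join2(char *dst, size_t size, const char *a, const char *b)
{
    int n = snprintf(dst, size, "%s%s", a, b);
    return (n >= 0 && (size_t)n < size) ? 0 : -1;
}

int main(void)
{
    char buf[8];

    /* Assumed 16-bit short and 32-bit int: 7 bytes versus 12 bytes. */
    printf("short worst case: %zu bytes\n", decimal_size(SHRT_MIN));
    printf("int worst case:   %zu bytes\n", decimal_size(INT_MIN));

    if (format_int(buf, sizeof buf, INT_MIN) != 0)
        printf("INT_MIN does not fit in buf[8], kept \"%s\"\n", buf);

    /* Constructed sample strings, 10 characters in total. */
    if (join2(buf, sizeof buf, "kern", "el.log") != 0)
        printf("joined string truncated to \"%s\"\n", buf);
    return 0;
}
```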