More thinking securely...
Dave Leimbach
leimySPAM2k at mac.com
Wed Dec 10 12:16:36 PST 2003
Matthew Dillon <dillon at xxxxxxxxxxxxxxxxxxxx> writes:
> :
> :> 'safe' situations where old functions are used (like
> :> sprintf(buf, "%d", v)), simply because then the audited
> :
> :Safe?
> :
> : char buf[8];
> : sprintf(buf, "%d", v);
> :
> :>
>
> If 'v' is a short :-)
Then you would actually want
sprintf(buf, "%hd", v);
I think :)
>
> Most programmers don't make that mistake.. that is, it isn't a common
> mistake. A more common mistake is to use strcpy() and strcat() without
> checking for possible overflows.
Right... :)
>
> -Matt
> Matthew Dillon
> <dillon at xxxxxxxxxxxxx>
More information about the Kernel
mailing list