More thinking securely...
jarkko.hietaniemi at nokia.com
Thu Dec 11 00:32:44 PST 2003
> :Safe?
> :
> : char buf[8];
> : sprintf(buf, "%d", v);
> :
> :>
>
> If 'v' is a short :-)
>
> Most programmers don't make that mistake.. that is, it isn't a common
> mistake. A more common mistake is to use strcpy() and strcat() without
> checking for possible overflows.
Agreed. The real-life example I showed was (of course :-) simplified. What really
happened was more like this:

    numeric_type_t v;
    char buf[enough_for_numeric_type_t_using_a_certain_sprintf_format_and_the_nul];
    sprintf(buf, format_string_right_for_the_numeric_type_t, v);

and then later someone in a header changing the definition of the numeric_type_t
to allow greater range.
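
The scenario described in the message above, as an added example that is not part of the original post: the buffer size is derived from the type itself and the write is bounded, so widening the typedef cannot overflow the buffer. The names `numeric_type_t` (taken from the message, here assumed to have been widened from `int16_t` to `int64_t`), `DEC_BUFSZ`, `OLD_BUFSZ` and `format_numeric` are hypothetical.

```c
#include <limits.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical type, named after the one in the message. Assumed to have
 * started out as int16_t and to have been widened later in a header. */
typedef int64_t numeric_type_t;

/* Upper bound on the bytes needed to print integer type T in decimal:
 * digits <= bits * log10(2) + 1 (0.302 > log10(2)), plus sign, plus NUL. */
#define DEC_BUFSZ(T) (sizeof(T) * CHAR_BIT * 302 / 1000 + 3)

/* Buffer size hard-coded when the type was 16 bits wide: "-32768" + NUL. */
#define OLD_BUFSZ 7

/* Bounded formatting. The value is cast to intmax_t so "%jd" stays correct
 * for any signed integer type. Returns the length written, or -1 if the
 * buffer was too small (the output is truncated, never overflowed). */
static int format_numeric(char *buf, size_t size, numeric_type_t v)
{
    int n = snprintf(buf, size, "%jd", (intmax_t)v);
    if (n < 0 || (size_t)n >= size)
        return -1;
    return n;
}

int main(void)
{
    char stale[OLD_BUFSZ];                    /* sized for the old type */
    char sized[DEC_BUFSZ(numeric_type_t)];    /* follows the typedef */
    numeric_type_t v = INT64_MIN;             /* constructed worst case */

    if (format_numeric(stale, sizeof stale, v) < 0)
        printf("stale buffer: truncated to \"%s\"\n", stale);
    if (format_numeric(sized, sizeof sized, v) > 0)
        printf("sized buffer: \"%s\"\n", sized);
    return 0;
}
```

Where a fixed-size buffer has to stay, a C11 `_Static_assert(OLD_BUFSZ >= DEC_BUFSZ(numeric_type_t), "buffer too small")` next to it turns the header change into a build failure.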
More information about the Kernel
mailing list