DragonFly BSD
DragonFly kernel List (threaded) for 2003-12

Re: More thinking securely...


From: Dave Leimbach <leimySPAM2k@xxxxxxx>
Date: 10 Dec 2003 14:16:36 -0600

Matthew Dillon <dillon@xxxxxxxxxxxxxxxxxxxx> writes:

> :
> :>     'safe' situations where old functions are used (like
> :>     sprintf(buf, "%d", v)), simply because then the audited 
> :
> :Safe?
> :
> :	char buf[8];
> :	sprintf(buf, "%d", v);
> :
> :> 
> 
>     If 'v' is a short :-)

Then you would actually want
sprintf(buf, "%hd", v); 
I think :)

> 
>     Most programmers don't make that mistake.. that is, it isn't a common
>     mistake.  A more common mistake is to use strcpy() and strcat() without
>     checking for possible overflows.


Right... :)  



> 
> 					-Matt
> 					Matthew Dillon 
> 					<dillon@xxxxxxxxxxxxx>
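The sizing question in this exchange (an 8-byte buffer and `"%d"`), and the `strcat()` overflow mentioned at the end, as an added example that is not part of the original messages. The helper names `dec_buf_needed`, `fmt_int` and `append` are hypothetical, and the sample values in `main` are constructed.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Worst-case bytes "%d"-style output needs for a signed type of `bits`
 * width: digits of the most negative value, plus '-' and the NUL. */
size_t dec_buf_needed(unsigned bits)
{
    unsigned long long mag = 1ULL << (bits - 1); /* |minimum value| */
    size_t digits = 0;
    do { digits++; mag /= 10; } while (mag != 0);
    return digits + 2;
}

/* Format v into buf[n]. Returns 0 on success, -1 if the text did not fit
 * (snprintf reports the length it wanted, so truncation is detectable). */
int fmt_int(char *buf, size_t n, int v)
{
    int len = snprintf(buf, n, "%d", v);
    return (len < 0 || (size_t)len >= n) ? -1 : 0;
}

/* Bounded replacement for strcat(): refuses instead of overflowing. */
int append(char *dst, size_t n, const char *src)
{
    const char *end = memchr(dst, '\0', n);   /* dst must be terminated */
    if (end == NULL)
        return -1;
    size_t used = (size_t)(end - dst), need = strlen(src);
    if (need >= n - used)                     /* no room for src + NUL */
        return -1;
    memcpy(dst + used, src, need + 1);
    return 0;
}

int main(void)
{
    char buf[8];
    printf("short needs %zu bytes, 32-bit int needs %zu\n",
           dec_buf_needed(16), dec_buf_needed(32));
    printf("32767 fits: %d\n", fmt_int(buf, sizeof buf, 32767));
    printf("INT_MIN fits: %d\n", fmt_int(buf, sizeof buf, INT_MIN));
    return 0;
}
```

A 16-bit value needs at most 7 bytes and so fits in `char buf[8]`; a 32-bit `int` needs up to 12 and does not.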


