On Fri, 16 May 2008, Nico Golde wrote:
I first thought the buffer you write into is also 200 bytes
big then the 0 byte sprintf writes at the end would cause an
off-by-one. I just saw that its 256 bytes big so this should
be no problem.
Yes, I left some space. You have to add the fix format string
to 200 which is all in all something less than the allocated size
of 256.
However I still prefer clean fixes and
snprintf is the clean fix for boundary problems of sprintf.
Fully ACK.
Anyway, nothing that needs to be fixed with an additional
upload.
OK. Just learned some lession about security anyway
Andreas.
--
http://fam-tille.de
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
