On Jan 24, 2011, at 6:02 PM, Matt Neuburg <m...@tidbits.com> wrote:

> 
> (2) A common trick is to make the text file a format string (i.e., containing a 
> lot of %@) and just hand it to stringWithFormat along with all the 
> substitutions. Badda bing badda boom.

This is how security vulnerabilities are born. You are handing off formatting 
strings to functions that trust you are supplying the correct number and type 
of arguments to match, or else they will blithely access random chunks of 
memory.

If you are at all accepting arbitrary input files, you must not simply hand the 
text over as a formatting specifier. Even if you're building an iOS app and 
bundling all the possible files yourself, do yourself a favor and build a more 
robust parser now.

There's no sense in writing intentionally fragile code that will (not "may") 
result in a crasher and irate customers sometime in the future when someone 
accidentally puts one too many %@ sequences in the MadLib file.

--Kyle Sluder
(sent from the road)
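The "more robust parser" the reply asks for, as an added example that is not from this thread or from either poster. It is written in C rather than Objective-C because stringWithFormat sits on the same varargs machinery as printf, and the fix is the same in both: scan the template for the one placeholder you actually support (here "%@", as in the MadLib file under discussion) and copy everything else through verbatim, so no directive in the file is ever interpreted and an extra "%@" is rejected instead of reading garbage off the stack. The function names, the template and the substitutions are constructed for the example.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Count the "%@" placeholders in a template. Any other '%' sequence
 * ("%s", "%n", "%x", "%%") is ordinary text to this parser. */
size_t madlib_count_placeholders(const char *tmpl)
{
    size_t n = 0;
    for (const char *p = tmpl; *p; p++) {
        if (p[0] == '%' && p[1] == '@') {
            n++;
            p++; /* skip the '@' */
        }
    }
    return n;
}

/* Expand a MadLib template by replacing the i-th "%@" with subs[i].
 *
 * Unlike printf(tmpl, ...) or [NSString stringWithFormat:tmpl, ...],
 * the template is never handed to the format machinery, so a file
 * containing "%s" or "%n" cannot make the program read or write memory
 * it was not given. The placeholder count is checked up front: the
 * "one too many %@" file yields NULL rather than a crash. Substitutions
 * are copied with memcpy and never rescanned, so a substitution that
 * itself contains "%@" is inserted literally.
 *
 * Returns a malloc'd string the caller frees, or NULL on a count
 * mismatch or allocation failure. */
char *madlib_expand(const char *tmpl, const char *const *subs, size_t nsubs)
{
    if (madlib_count_placeholders(tmpl) != nsubs)
        return NULL;

    /* Output length: template minus the 2 bytes of each "%@" plus each
     * substitution. strlen(tmpl) already includes the placeholder bytes,
     * so the sum below is a safe upper bound. */
    size_t len = strlen(tmpl);
    for (size_t i = 0; i < nsubs; i++)
        len += strlen(subs[i]);

    char *out = malloc(len + 1);
    if (!out)
        return NULL;

    char *w = out;
    size_t next = 0;
    for (const char *p = tmpl; *p; p++) {
        if (p[0] == '%' && p[1] == '@') {
            size_t sl = strlen(subs[next]);
            memcpy(w, subs[next], sl);
            w += sl;
            next++;
            p++; /* skip the '@' */
        } else {
            *w++ = *p;
        }
    }
    *w = '\0';
    return out;
}

int main(void)
{
    /* Constructed MadLib file contents: note the stray "%s", which a
     * format-string approach would treat as a pointer argument. */
    const char *tmpl = "Yesterday I %@ a %@ with my %s friend, %@.";
    const char *subs[] = { "juggled", "pelican", "Kyle" };

    char *s = madlib_expand(tmpl, subs, 3);
    if (s) {
        puts(s); /* Yesterday I juggled a pelican with my %s friend, Kyle. */
        free(s);
    }

    /* The "one too many %@" case: rejected instead of crashing. */
    const char *broken = "Yesterday I %@ a %@ with my %@ friend, %@.";
    if (madlib_expand(broken, subs, 3) == NULL)
        puts("placeholder/argument count mismatch, refusing to expand");

    return 0;
}
```

If the file format needs a literal "%@", give it its own escape in the parser (for example "%%@") rather than falling back to the format machinery for that one case; the point of the scanner is that the file's bytes never select a varargs type.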

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)