void GetLine(char* Buffer)
{
- scanf("%s", Buffer);
+ size_t Buffer_size = sizeof(Buffer);
+ fgets(Buffer, (Buffer_size - 1), stdin);
+ sscanf(Buffer,"%s");
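Review bot: the added `sscanf(Buffer,"%s");` has a %s conversion but passes no destination argument, which is undefined behaviour; drop the call, or give it a separate bounded destination if only the first token is wanted. On the first added line, `sizeof(Buffer)` is applied to the `char*` parameter, so the length handed to fgets is the pointer size minus one rather than the caller's buffer capacity; GetLine needs that capacity passed in as an extra parameter. fgets already leaves room for the terminating NUL, so the `- 1` is not needed, and its return value should be checked so EOF or a read error is not treated as a valid line.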
sizeof() in the C language does not reach through a pointer to find the size of
the underlying object - that code will always set Buffer_size to the size of
the pointer itself (4 bytes on 32-bit, 8 bytes on 64-bit), not the size of the
buffer the pointer is pointing to.
[Noticed when someone suggested we apply the patch from Debian to our packages
as well.]
--
-Alan Coopersmith- [email protected]
Oracle Solaris Engineering - http://blogs.oracle.com/alanc
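
An added example, not part of the original message or of the Debian patch: it shows what sizeof returns inside a function that receives a char*, next to a bounded reader that takes the capacity from the caller. The names size_seen_by_callee and get_line_bounded, the FILE* parameter and the sample input are assumptions made for illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* What the patched GetLine() computes: the parameter is a pointer, so
 * sizeof yields the pointer width whatever buffer the caller passed. */
static size_t size_seen_by_callee(char *Buffer)
{
    return sizeof(Buffer);
}

/* Hypothetical replacement: the caller supplies the real capacity.
 * Returns 0 on success, 1 if the line was truncated, -1 on EOF/error. */
static int get_line_bounded(char *buf, size_t size, FILE *in)
{
    int n, c, truncated = 0;
    size_t len;

    if (buf == NULL || size == 0 || in == NULL)
        return -1;
    n = size > INT_MAX ? INT_MAX : (int)size;   /* fgets takes an int */
    if (fgets(buf, n, in) == NULL) {
        buf[0] = '\0';
        return -1;
    }
    len = strcspn(buf, "\n");
    if (buf[len] == '\n') {
        buf[len] = '\0';                        /* strip the newline */
        return 0;
    }
    /* No newline stored: discard the rest so the next read starts clean. */
    while ((c = fgetc(in)) != EOF && c != '\n')
        truncated = 1;
    return truncated;
}

int main(void)
{
    char small[8];
    int rc;
    FILE *in = tmpfile();                       /* constructed sample input */
    if (in == NULL)
        return 1;
    fputs("short\nthis line is far too long\nnext\n", in);
    rewind(in);
    printf("array: %zu, in callee: %zu\n", sizeof small, size_seen_by_callee(small));
    while ((rc = get_line_bounded(small, sizeof small, in)) >= 0)
        printf("rc=%d \"%s\"\n", rc, small);
    fclose(in);
    return 0;
}
```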