Hi,
I recently ran a small script on both FlightGear's and SimGear's
source-tree. I was surprised to see that over 500 times sprintf (and
similar possibly problematic functions such as strcpy, vsprintf, memcpy,
memmove and bcopy) was used. My questions are:
1. Should these be replaced by snprintf (et cetera) ?
2. If so, is anybody working on that?
3. If not, I'm willing to make them all boundary safe. I came across a lot
of occurrences like this:
...
char buf[some_number];
some_function(buf, more_variables);
...
void some_function(char *buf, more_variables ) {
...
sprintf(buf, "blabla %s blabla %d", ... );
...
}
To me it seems that the size of the buffer should be passed along to
some_function. What do you suggest?
--Ivo
_______________________________________________
Flightgear-devel mailing list
[EMAIL PROTECTED]
http://mail.flightgear.org/mailman/listinfo/flightgear-devel
