On Saturday 13 October 2007 10:41, Melchior FRANZ wrote:
> But there's one thing: one of my IMHO correct uses of snprintf()
> was changed by someone to add a \0 byte at the last position of
> the possible maximum length, which I found a bit annoying.
> To my knowledge this is only needed for strncpy()/strncat(), but
> not for snprintf(). The manpage seems a bit unclear about it,
> but the code example is very clear.
>
Just curious: Do you have an example of that? I did a grep for '\0'on the
source tree, but didn't come up with anything resembling such a use of
snprintf. Just using snprint to put a train \0 at the maximum location
wouldn't really help preventing overflow problems from an unsafe sprintf
statement. For example:
char buffer[8];
double *some;
double *other;
double *important;
double *variables;
sprintf(buffer, "this is a very long string that won't
fit %s, %s", "ha", "ha");
will cause the buffer to overflow, thereby overwriting the other important
variables. Placing a \0 wouldn't help in that case.
But maybe I'm misunderstanding. :-)
what's nice about snprintf is that it only prints the maximum allowable
characters, but returns the number of characters. This allows one to check
for possible overflow situation; i.e.
buff[8];
if (snprintf(buff, 8, "some string of information) > 8) {
SG_LOG(YIKES!!);
}
I agree that in most cases the existing sprintf's are pretty well contained,
but in cases where dynamically allocated data is involved (i.e. directories
pathnames, and property paths). For these situations, it's hard to determine
how large the buffers should be.
Cheers,
Durk
-------------------------------------------------------------------------
This SF.net email is sponsored by: Splunk Inc.
Still grepping through log files to find problems? Stop.
Now Search log events and configuration files using AJAX and a browser.
Download your FREE copy of Splunk now >> http://get.splunk.com/
_______________________________________________
Flightgear-devel mailing list
Flightgear-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/flightgear-devel
