Hi Durk,

Durk Talsma wrote on 13.10.2007 11:44:
> Just curious: Do you have an example of that? I did a grep for '\0' on the
> source tree, but didn't come up with anything resembling such a use of
> snprintf.

Maybe you need to grep for = 0. But I think it should be easier to trace into snprintf inside your debugger to check if there is a modification of that function, and if not, add such a function "snprintf0".

Maik

> Just using snprintf to put a trailing \0 at the maximum location
> wouldn't really help preventing overflow problems from an unsafe sprintf
> statement. For example:
>
> char buffer[8];
> double *some;
> double *other;
> double *important;
> double *variables;
>
> sprintf(buffer, "this is a very long string that won't fit %s, %s", "ha", "ha");
>
> will cause the buffer to overflow, thereby overwriting the other important
> variables. Placing a \0 wouldn't help in that case.
>
> But maybe I'm misunderstanding. :-)
>
> What's nice about snprintf is that it only prints the maximum allowable
> characters, but returns the number of characters. This allows one to check
> for a possible overflow situation; i.e.
>
> char buff[8];
> /* a return value >= the buffer size means the output was truncated */
> if (snprintf(buff, 8, "some string of information") >= 8) {
>     SG_LOG(SG_GENERAL, SG_ALERT, "YIKES!!");
> }
>
> I agree that in most cases the existing sprintf's are pretty well contained,
> but in cases where dynamically allocated data is involved (i.e. directory
> pathnames, and property paths). For these situations, it's hard to determine
> how large the buffers should be.
>
> Cheers,
> Durk
_______________________________________________
Flightgear-devel mailing list
Flightgear-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/flightgear-devel
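The truncation check discussed in this thread, as an added example that is not code from the thread or from FlightGear. It goes one step further than the messages by also showing the measure-then-allocate form for pathnames whose length is not known in advance; the helper names `format_checked` and `format_alloc` are hypothetical, the inputs are constructed, and C99 `vsnprintf` semantics are assumed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: format into dst[cap]; returns 0 on success,
 * -1 if the output was truncated or an encoding error occurred. */
int format_checked(char *dst, size_t cap, const char *fmt, ...)
{
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(dst, cap, fmt, ap);
    va_end(ap);
    /* n excludes the terminating '\0', so n == cap already means one
     * character was dropped: the test is >=, not >. */
    if (n < 0 || (size_t)n >= cap)
        return -1;
    return 0;
}

/* Hypothetical helper: measure first, then allocate exactly n + 1 bytes.
 * The caller frees the result; NULL is returned on error. */
char *format_alloc(const char *fmt, ...)
{
    va_list ap, ap2;
    va_start(ap, fmt);
    va_copy(ap2, ap);
    int n = vsnprintf(NULL, 0, fmt, ap);   /* C99: returns the needed length */
    va_end(ap);
    char *out = NULL;
    if (n >= 0 && (out = malloc((size_t)n + 1)) != NULL)
        vsnprintf(out, (size_t)n + 1, fmt, ap2);
    va_end(ap2);
    return out;
}

int main(void)
{
    char buff[8];
    /* Constructed inputs: 7 characters fit in buff, 8 do not. */
    printf("7 chars: %d\n", format_checked(buff, sizeof buff, "%s", "1234567"));
    printf("8 chars: %d -> \"%s\"\n",
           format_checked(buff, sizeof buff, "%s", "12345678"), buff);
    char *path = format_alloc("%s/%s.xml", "/constructed/aircraft/dir", "model");
    if (path) { printf("%s (%zu bytes)\n", path, strlen(path) + 1); free(path); }
    return 0;
}
```
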