On Jan 6, 2016, at 7:53 AM, Insu Yun wrote:
>
> Return value of snprintf is not bound by size value, 2nd argument.
> (https://www.kernel.org/doc/htmldocs/kernel-api/API-snprintf.html).
> Return value is number of printed chars, can be larger than 2nd argument.
> Therefore, it can write null byte
Return value of snprintf is not bound by size value, 2nd argument.
(https://www.kernel.org/doc/htmldocs/kernel-api/API-snprintf.html).
Return value is number of printed chars, can be larger than 2nd argument.
Therefore, it can write null byte out of bounds ofbuffer.
Since snprintf puts null, it doe
2 matches
Mail list logo