Hi list, I have identified a few potentially unsafe operations in cmake's code. They're mostly related to unchecked buffer sizes. The most frightening of them is inside cmake.cxx.
Just an example: sprintf(tgtName, "%s%d", graphNodePrefix, cnt++); It wouldn't be that much of an issue to change them into snprintf's, while I suppose it would aid debugging quite a lot in some strange cases (beware of Murphy). I'm not really involved into using cmake, but it catched my eye when looking at the code. So I can't tell the maximum acceptable buffersize, though I'm sure you can. Thanks in advance, /Markus _______________________________________________ CMake mailing list CMake@cmake.org http://www.cmake.org/mailman/listinfo/cmake
