View Issue Details
| ID | Project | Category | View Status | Date Submitted | Last Update |
|---|---|---|---|---|---|
| 0000567 | LDMud 3.5 | Implementation | public | 2008-09-09 16:09 | 2008-09-10 15:45 |
| Reporter | zesstra | Assigned To | |||
| Priority | low | Severity | minor | Reproducibility | N/A |
| Status | new | Resolution | open | ||
| Summary | 0000567: sprintf() with fixed sized buffers should be avoided - use snprintf() | ||||
| Description | Stuff like: char buff[80]; sprintf(buff, "%ld", argp->u.number); if (buff[sizeof(buff)-1] != '\0') fatal(); from interpret.c should be avoided. Instead something like char buff[80]; if (snprintf(buff, 80, "%ld", argp->u.number) >= 80) errorf(); would be much safer (both for preventing crashes as well as buffer overflow exploits). I admit, this is not the best example, as p_int in string representation will not exceed 79 characters for any near future, but take it as a matter of principle. ;-) We should always use snprintf() instead of sprintf() for writing into buffers. | ||||
| Tags | No tags attached. | ||||
