Vulnerability Development mailing list archives
Re: Secure coding in C (was Re: Administrivia #4883)
From: BlueBoar () THIEVCO COM (Blue Boar)
Date: Sat, 15 Jan 2000 22:03:28 -0800
Bennett Todd wrote:
char *a = something(); char *b = something_else(); int len = strlen(a) + strlen(b); char *c = malloc(len + 1) || die("malloc"); (void) strcat(strcpy(c, a), b);
If you have any reasonable idea what a maximum size for a or b might be, then this could be better. As it is, if I'm trying to DoS you but sending huge strings, you've made it that much easier by doubling the amount of RAM needed. Since you're limiting yourself to MAXINT anyway, you should check that against the sizes of a and b before you malloc. OTOH, since you mentioned this is a mail app... if those variables represent the body of the message, you have no real choice. BB
Current thread:
- Re: things to break.., (continued)
- Re: things to break.. Matt Conover (Jan 25)
- Re: things to break.. Simple Nomad (Jan 25)
- Re: things to break.. Jordan Ritter (Jan 25)
- ICQ Pass Cracker. WolF Knox (Jan 26)
- Re: ICQ Pass Cracker. Blue Boar (Jan 26)
- Re: ICQ Pass Cracker. Usman (Jan 26)
- Re: ICQ Pass Cracker. Vladimir Dubrovin (Jan 27)
- Shadow kjkotas (Jan 24)
- Re: Secure coding in C (was Re: Administrivia #4883) Marc Slemko (Jan 21)
- Re: Secure coding in C (was Re: Administrivia #4883) Warner Losh (Jan 21)
- Re: Secure coding in C (was Re: Administrivia #4883) Blue Boar (Jan 15)
- Re: Secure coding in C (was Re: Administrivia #4883) Brian Kifiak (Jan 16)
- Re: Administrivia #4883 Blue Boar (Jan 15)
- ICQ (Was Re: Administrivia #4883) Imran Ghory (Jan 16)