Vulnerability Development mailing list archives
Re: Secure coding in C (was Re: Administrivia #4883)
From: BlueBoar () THIEVCO COM (Blue Boar)
Date: Fri, 21 Jan 2000 00:38:45 -0800
Seth R Arnold wrote:
> On Thu, Jan 20, 2000 at 11:57:38PM -0800, Marco Walther wrote:
> > And the same paragraph from the Solaris 8 snprintf man page:
> > "The snprintf() function is identical to sprintf() with the addition of the argument n, which specifies the size of the buffer referred to by s. The buffer is always terminated with the null byte."
> > I've tried a small test case on Solaris 7 and it looks like the man is not correct there?!
> >
> > #include <stdio.h>
> >
> > int main(void)
> > {
> >     char b[10];
> >     /* source is longer than the buffer; snprintf must truncate and terminate */
> >     snprintf(b, 10, "I'm a really long test string!\n");
> >     printf("b[9]= %d\n", (int)b[9]);
> >     return 0;
> > }
> >
> > returns `b[9]= 0'
>
> Marco, might I be so bold to ask what you expected to happen? AFAICT, that is correct behavior.
I *believe* (and I'll let Marco explain himself too, if and when the post arrives) that what he's trying to demonstrate is that it does in fact work correctly, as you've said. The problem was that the Solaris 7 docs say it won't necessarily work correctly, even though it looks like it does.

For the benefit of those on the list who haven't followed this thread as well as they would have liked, I'm going to do a verbose explanation. In the C language, strings are supposed to end in a 0 (null character) so that various functions, like printf, know when the string stops. If there is no 0, it prints right off the end of the string, causing weird output.

So, the test above was to take a 10-character buffer and try to use snprintf to cram something longer into it. If snprintf was broken like the man page suggested, then the 10th character would have been the letter l from "really", instead of a zero as it should be. However, it works just fine, and the 10th character is a 0. And that's the right thing. It just means the documentation needs an update. :)

BB
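The point being argued in the thread, as an added example that is not part of any post above: a 10-byte buffer filled from a longer string with snprintf keeps its terminator, while the same buffer filled with strncpy does not, and snprintf's return value tells the caller that truncation happened. The helper names (`copy_bounded`, `last_byte_after_snprintf`, `last_byte_after_strncpy`) and the pre-fill with 'X' are this example's own choices, not from the thread.

```c
#include <stdio.h>
#include <string.h>

/* Copy src into dst (dstsize bytes) with snprintf.  Returns 1 if the whole
 * source fitted, 0 if it was truncated.  Per C99, when dstsize > 0 the
 * buffer is always NUL-terminated, and the return value is the length the
 * full output would have had, which is how truncation is detected. */
int copy_bounded(char *dst, size_t dstsize, const char *src)
{
    if (dstsize == 0)
        return 0;                       /* nothing written, nothing terminated */
    int needed = snprintf(dst, dstsize, "%s", src);
    if (needed < 0) {                   /* encoding error: leave a safe empty string */
        dst[0] = '\0';
        return 0;
    }
    return (size_t)needed < dstsize;    /* 1 = fitted, 0 = truncated */
}

/* Marco's test, with the buffer pre-filled so a missing terminator would be
 * visible.  Returns the value of the last byte: 0 if snprintf terminated it. */
int last_byte_after_snprintf(void)
{
    char b[10];
    memset(b, 'X', sizeof b);           /* constructed garbage, not from the thread */
    snprintf(b, sizeof b, "I'm a really long test string!\n");
    return (int)b[9];
}

/* Contrast: strncpy writes exactly n bytes and adds no terminator when the
 * source is n bytes or longer, so b[9] keeps the 10th source character ('l'). */
int last_byte_after_strncpy(void)
{
    char b[10];
    memset(b, 'X', sizeof b);
    strncpy(b, "I'm a really long test string!\n", sizeof b);
    return (int)b[9];
}

int main(void)
{
    char out[10];

    printf("snprintf: b[9]= %d\n", last_byte_after_snprintf());   /* 0 */
    printf("strncpy:  b[9]= %d ('%c')\n", last_byte_after_strncpy(),
           (char)last_byte_after_strncpy());                       /* 108 ('l') */

    int fit = copy_bounded(out, sizeof out, "I'm a really long test string!\n");
    printf("copy_bounded: fit=%d out=\"%s\" len=%zu\n", fit, out, strlen(out));
    return 0;
}
```

A caller that ignores the return value of `copy_bounded` still gets a terminated string, which is the property the Solaris 8 man page promises; checking the return value is what turns silent truncation into something the program can refuse or log.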