Vulnerability Development mailing list archives

Re: Secure coding in C (was Re: Administrivia #4883)


From: mikael.olsson () ENTERNET SE (Mikael Olsson)
Date: Fri, 21 Jan 2000 12:12:35 +0100


Blue Boar wrote:

So, the test above was to take a 10 character buffer, and try to
use snprintf to cram something longer in it.  If snprintf was
broken like the man page suggested, then the 10th character
would have been the letter l from "really", instead of a zero
as it should be.  However, it works just fine, and the 10th
character is a 0.

And that's the right thing.. it just means the documentation needs
an update. :)


It also means that someone is going to assume that they can use
snprintf() without any precautions, since
"their code will only ever run on solaris" until someone
decides to port it, and forgets about fixing the snprintf()
SNAFUs.

Myself, I always end all my string ops by NULing the last
character in the buffer. That way I _KNOW_ I'm safe.

char mybuf[10];
strncpy(mybuf, unknowninputstring, sizeof(mybuf));
mybuf[sizeof(mybuf)-1]='\0';

Oh, and by the way, these few lines placed in a commonly
included help file help a long way:
#define strcpy __do_NOT_use_strcpy__
#define sprintf __do_NOT_use_sprintf__
etc etc etc ...

All's well :-)

/Mike

--
Mikael Olsson, EnterNet Sweden AB, Box 393, S-891 28 ÖRNSKÖLDSVIK
Phone: +46 (0)660 105 50           Fax: +46 (0)660 122 50
Mobile: +46 (0)70 248 00 33
WWW: http://www.enternet.se        E-mail: mikael.olsson () enternet se
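
Added example, not part of the original post: the terminate-the-last-byte habit and the two ban macros from the message above, wrapped in helpers that also report truncation, so a port to a platform whose snprintf() behaves differently still yields a terminated buffer. The helper names copy_bounded and format_bounded and the sample input are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Ban the unbounded calls, as in the post (#undef first: some libcs define them as macros). */
#undef strcpy
#undef sprintf
#define strcpy  __do_NOT_use_strcpy__
#define sprintf __do_NOT_use_sprintf__

/* Hypothetical helper: strncpy plus the forced terminator from the post.
 * Returns 0 if src fit, 1 if it was cut short, -1 on bad arguments. */
int copy_bounded(char *dst, size_t dstsz, const char *src)
{
    int truncated;
    if (dst == NULL || src == NULL || dstsz == 0)
        return -1;
    strncpy(dst, src, dstsz);              /* no NUL written when strlen(src) >= dstsz */
    truncated = (dst[dstsz - 1] != '\0');  /* last byte still holds data: src did not fit */
    dst[dstsz - 1] = '\0';                 /* terminate unconditionally */
    return truncated;
}

/* Hypothetical helper: vsnprintf plus the same forced terminator.
 * Returns 0 if the output fit, 1 if it was cut short or formatting failed, -1 on bad arguments. */
int format_bounded(char *dst, size_t dstsz, const char *fmt, ...)
{
    va_list ap;
    int n;
    if (dst == NULL || fmt == NULL || dstsz == 0)
        return -1;
    va_start(ap, fmt);
    n = vsnprintf(dst, dstsz, fmt, ap);
    va_end(ap);
    dst[dstsz - 1] = '\0';                 /* do not depend on the platform's snprintf to terminate */
    /* C99 returns the length it wanted to write; some older libraries return -1 instead. */
    return (n < 0 || (size_t)n >= dstsz) ? 1 : 0;
}

int main(void)
{
    char mybuf[10];
    const char *input = "this is a really long string";   /* constructed sample input */
    int cut = format_bounded(mybuf, sizeof(mybuf), "%s", input);
    printf("cut=%d buf=\"%s\" last=%d\n", cut, mybuf, mybuf[sizeof(mybuf) - 1]);
    cut = copy_bounded(mybuf, sizeof(mybuf), input);
    printf("cut=%d buf=\"%s\" last=%d\n", cut, mybuf, mybuf[sizeof(mybuf) - 1]);
    return 0;
}
```

Checking the return value matters as much as the terminator: a silently truncated path or command string is still a bug, just not a memory-safety one.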


