Vulnerability Development mailing list archives
Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh)
From: Reid Nichol <rnichol () solutions net>
Date: Fri, 29 Sep 2000 09:27:02 -0500
As in the discussion of weather C is too hard or not for experience programmers, isn't your code broken? :)I didn't spend any time looking at the code. The example was there just to illustrate my point. int function(char *name) { char variable[5]; strncpy(variable, name,5); variable[(sizeof(variable)-1)] = NULL; // (sizeof(variable)-1) instead of sizeof(variable) - NULL, \0, 0 ... whatever you want.. printf("Hello %s",variable); return 0; }
This is more of a developer question, I was taught that I should always use '\0' as a terminator for my strings. What is the reason for this? Is it just a portability issue, better programming practice and is there any potential security related problems with using NULL? The security related problem being that the compiler does handle it in the right context, etc. If this seems like a stupid question please don't batter me as I am just making my first attempts to enter this field and want to be able to write secure code. Private replies are welcome. -- Reid "Sigma Nunki" Nichol If you truly love the memory, you must set it free()
Current thread:
- Re: CGI scripts in sh, (continued)
- Re: CGI scripts in sh Crispin Cowan (Sep 23)
- Re: CGI scripts in sh -jf- (Sep 22)
- C versus other languages, round 538 or so (Re: CGI scripts in sh) Bluefish (P.Magnusson) (Sep 23)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Jonathan James (Sep 24)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Bluefish (P.Magnusson) (Sep 25)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsin sh) Jonathan James (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsin sh) Bluefish (P.Magnusson) (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Jonathan James (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Bluefish (P.Magnusson) (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Jonathan James (Sep 28)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Reid Nichol (Sep 29)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh) Adam Clarke (Sep 28)
- Re: C versus other languages, round 538 or so (Re: CGI scriptsin sh) Ben Galehouse (Sep 30)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Ben Galehouse (Sep 27)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Jonathan James (Sep 27)
- Re: C versus other languages,round 538 or so (Re: CGI scripts in sh) Crispin Cowan (Sep 28)
- Re: C versus other languages, round 538 or so (Re: CGI scripts in sh) Ryan Masters (Sep 24)
- Re: IP Spoofing with DHCP ? Matthew S. Hallacy (Sep 19)