Vulnerability Development mailing list archives
Re: OT: snprintf() null termination
From: Gerardo Richarte <core.lists.exploit-dev () core-sdi com>
Date: Thu, 30 May 2002 15:21:02 -0300
Vanja Hrustic wrote:
So - do all platforms properly null-terminate string (on overflow) when snprintf() is used, or one should still use "sizeof(string)-1" for the size of the snprintf()-ed string?
regarding snprintf(): -Linux, Solaris and OpenBSD do terminate with NUL when not enough space is available -Windows does not (Microsoft's libraries, at least up to Visual Studio 6) the other OSes where not tested, but I guess most unixes will (just guessing) gera --- for a personal reply use: Gerardo Richarte <gera () corest com>
Current thread:
- OT: snprintf() null termination Vanja Hrustic (May 30)
- Re: OT: snprintf() null termination Gerardo Richarte (May 30)
- <Possible follow-ups>
- RE: OT: snprintf() null termination Michael Wojcik (May 30)