> > > * [EMAIL PROTECTED] (Gene Buckle) [2003.11.12 10:35]:
> > > > code:
> > > >
> > > > static const char *
> > > > getDateString ()
> > > > {
> > > >   static char buf[64];          // FIXME
> > > >   struct tm * t = globals->get_time_params()->getGmt();
> > > >   sprintf(buf, "%.4d-%.2d-%.2dT%.2d:%.2d:%.2d",
> > > >           t->tm_year + 1900, t->tm_mon + 1, t->tm_mday,
> > > >           t->tm_hour, t->tm_min, t->tm_sec);
> > > >   return buf;
> > > > }
> > > >
> > > > Why the FIXME in the declaration of buf?  Is there a better way of doing
> > > > that?  Is there a buffer overrun concern or something?
> > >
> > > We should at least be using snprintf() here.
> > >
> > So what makes snprintf() a better choice than sprintf()?
> >
> snprintf(buf, buflen, format, ...) will not write more than buflen
> characters (including the trailing '\0') - this protects you against
> a possible buffer overflow . . .
>
> It probably isn't necessary in this case, but it's a Good Habit To
> Get Into(tm).
>

Thanks Simon.

g.



_______________________________________________
Flightgear-devel mailing list
[EMAIL PROTECTED]
http://mail.flightgear.org/mailman/listinfo/flightgear-devel
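
An added example, not part of the thread or of FlightGear's code: the same format string run through `snprintf()`, with the return value checked for truncation. The precision in `%.4d` is a minimum digit count, not a maximum, so a `struct tm` holding garbage values needs more than 64 bytes. The function names, signatures and sample inputs are constructed for this illustration, and a 32-bit `int` is assumed.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>
#include <time.h>

#define DATE_FMT "%.4d-%.2d-%.2dT%.2d:%.2d:%.2d"
#define DATE_ARGS(t) (t)->tm_year + 1900, (t)->tm_mon + 1, (t)->tm_mday, \
                     (t)->tm_hour, (t)->tm_min, (t)->tm_sec

/* Length the formatted string would need, excluding the '\0'.
 * snprintf(NULL, 0, ...) writes nothing and only returns the count (C99). */
static int date_length(const struct tm *t)
{
    return snprintf(NULL, 0, DATE_FMT, DATE_ARGS(t));
}

/* Bounded variant of getDateString(); hypothetical signature that takes the
 * buffer and struct tm as arguments instead of using a static buffer.
 * Returns 0 on success, -1 if the output was truncated or snprintf failed. */
static int format_date(char *buf, size_t buflen, const struct tm *t)
{
    int n = snprintf(buf, buflen, DATE_FMT, DATE_ARGS(t));
    if (n < 0 || (size_t)n >= buflen)
        return -1;  /* buf holds a truncated, still '\0'-terminated string */
    return 0;
}

/* Constructed input: 2003-11-12 10:35:00. */
static struct tm sample_tm(void)
{
    struct tm t;
    memset(&t, 0, sizeof t);
    t.tm_year = 103; t.tm_mon = 10; t.tm_mday = 12;
    t.tm_hour = 10;  t.tm_min = 35; t.tm_sec = 0;
    return t;
}

/* Constructed input: every field at INT_MIN, as from a corrupted struct. */
static struct tm garbage_tm(void)
{
    struct tm t;
    memset(&t, 0, sizeof t);
    t.tm_year = t.tm_mon = t.tm_mday = INT_MIN;
    t.tm_hour = t.tm_min = t.tm_sec = INT_MIN;
    return t;
}
```

With the original `sprintf()` the second input would write past the end of the 64-byte buffer; here the caller gets `-1` and a truncated string instead.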
