Hi Durk,
Durk Talsma wrote on 13.10.2007 11:44:
> Just curious: Do you have an example of that? I did a grep for '\0' on the
> source tree, but didn't come up with anything resembling such a use of
> snprintf.
Maybe you need to grep for = 0.
But I think it should be easier to trace into snprintf inside your
debugger to check if there is a modification of that function, and if
not: add such a function "snprintf0".
Maik
> Just using snprintf to put a trailing \0 at the maximum location
> wouldn't really help preventing overflow problems from an unsafe sprintf
> statement. For example:
>
> char buffer[8];
> double *some;
> double *other;
> double *important;
> double *variables;
>
> sprintf(buffer, "this is a very long string that won't fit %s, %s", "ha", "ha");
>
> will cause the buffer to overflow, thereby overwriting the other important
> variables. Placing a \0 wouldn't help in that case.
>
> But maybe I'm misunderstanding. :-)
>
> What's nice about snprintf is that it only prints the maximum allowable
> characters, but returns the number of characters. This allows one to check
> for a possible overflow situation; i.e.
>
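> char buff[8];
> /* the return value excludes the '\0', so >= 8 already means truncation */
> if (snprintf(buff, 8, "some string of information") >= 8) {
>     SG_LOG(SG_GENERAL, SG_ALERT, "YIKES!!");
> }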
>
> I agree that in most cases the existing sprintf's are pretty well contained,
> but in cases where dynamically allocated data is involved (i.e. directory
> pathnames, and property paths). For these situations, it's hard to determine
> how large the buffers should be.
>
> Cheers,
> Durk
>
>
> -------------------------------------------------------------------------
> This SF.net email is sponsored by: Splunk Inc.
> Still grepping through log files to find problems? Stop.
> Now Search log events and configuration files using AJAX and a browser.
> Download your FREE copy of Splunk now >> http://get.splunk.com/
> _______________________________________________
> Flightgear-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/flightgear-devel
>
>
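The truncation check and the dynamically sized case discussed in this thread, as an added example that is not part of the original mails or the FlightGear source. `fmt_checked` and `join_path` are hypothetical helper names, and the sample strings are constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: format into a fixed-size buffer.
 * Returns 0 if everything fit, 1 if the output was truncated,
 * -1 on bad arguments or an encoding error. dst is always terminated. */
int fmt_checked(char *dst, size_t cap, const char *fmt, ...)
{
    va_list ap;
    int n;

    if (dst == NULL || cap == 0)
        return -1;
    va_start(ap, fmt);
    n = vsnprintf(dst, cap, fmt, ap);
    va_end(ap);
    if (n < 0) {
        dst[0] = '\0';
        return -1;
    }
    /* n excludes the '\0', so n == cap already means one byte was dropped */
    return (size_t)n >= cap ? 1 : 0;
}

/* Hypothetical helper: build "dir/name" when no fixed size is safe.
 * The first snprintf call only measures; the caller frees the result. */
char *join_path(const char *dir, const char *name)
{
    int need = snprintf(NULL, 0, "%s/%s", dir, name);
    char *out;
    if (need < 0)
        return NULL;
    out = malloc((size_t)need + 1);
    if (out != NULL)
        snprintf(out, (size_t)need + 1, "%s/%s", dir, name);
    return out;
}

int main(void)
{
    char buf[8];
    char *p = join_path("/constructed/fg-root", "Aircraft"); /* constructed sample */
    printf("%d\n", fmt_checked(buf, sizeof buf, "%s", "12345678"));
    printf("%s %s\n", buf, p ? p : "(alloc failed)");
    free(p);
    return 0;
}
```

An 8-character string in an 8-byte buffer is the boundary case: the return value equals the buffer size, so a `> 8` comparison would report success although the last character was dropped.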