On Mon, Sep 05, 2016 at 08:05:40AM +0300, Ali H. Fardan wrote:
> On 2016-09-05 08:01, David Gwynne wrote:
> > > On 5 Sep 2016, at 12:13, Ali H. Fardan <[email protected]> wrote:
> > >
> > > You can't specify a buffer size in asprintf() therefore, it is not
> > > secure,
> > > you can see that snprintf() does write to the `i` bytes to the buffer
> >
> > asprintf allocates the memory it needs to write to, unlike snprintf
> > which requires a preallocated buffer.
>
> when the destination is a pointer to a char, and the passed argument is a
> memory address, how is it supposed to determine the correct buffer size?
>
> Raiz
asprintf uses the internals of the printf family of functions. Look in
src/lib/libc/stdio for all the details.
-Otto
