On 2016-09-05 11:03, Tom Cosgrove wrote:
Ali H. Fardan <[email protected]> 5-Sep-16 08:47 >>>
On 2016-09-05 10:44, David Gwynne wrote:
>> On 5 Sep 2016, at 17:39, Ali H. Fardan <[email protected]> wrote:
>>
>> and why is he telling me this? I just said if the destination is a
>> pointer to char, how would a function automagically allocate a size
>> for it?
>
> it's not a pointer to a char, it's a pointer to a char pointer:
>
> as per the man page:
>
> int
> asprintf(char **ret, const char *format, ...);
>
> dlg
Still doesn't mean that it can automagically allocate a correct
buffer size.

It does allocate the correct buffer size. It's got all the information it
needs to do that with the format string and the parameters. Then it returns
the buffer address via the `ret' argument.

If you don't believe us, read the source code and tell us where we are
wrong.

Tom

then that patch does weaken security, the buffer can overflow.
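
An added example, not part of the thread and not the libc source: one way a function with the `asprintf(char **ret, const char *format, ...)` signature quoted above can size its buffer from the format string and the parameters. The names `demo_asprintf` and `demo_roundtrip` and the sample input are hypothetical.

```c
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for asprintf(3): measure, allocate, then format. */
int demo_asprintf(char **ret, const char *format, ...)
{
    va_list ap, ap2;
    char *buf;
    int len;

    *ret = NULL;
    va_start(ap, format);
    va_copy(ap2, ap);                      /* the arguments are walked twice */
    len = vsnprintf(NULL, 0, format, ap);  /* pass 1: size 0 writes nothing */
    va_end(ap);
    if (len < 0 || (buf = malloc((size_t)len + 1)) == NULL) {
        va_end(ap2);
        return -1;
    }
    /* pass 2: the buffer is exactly the measured length plus the NUL */
    vsnprintf(buf, (size_t)len + 1, format, ap2);
    va_end(ap2);
    *ret = buf;                            /* address handed back via ret */
    return len;
}

/* Constructed input of n 'A' bytes; returns the length, or -1 on mismatch. */
long demo_roundtrip(size_t n)
{
    char *in = malloc(n + 1), *out = NULL;
    long result = -1;
    if (in == NULL) return -1;
    memset(in, 'A', n);
    in[n] = '\0';
    int len = demo_asprintf(&out, "[%s:%d]", in, 42);
    if (len >= 0 && strlen(out) == (size_t)len)
        result = len;                      /* reported length matches content */
    free(out);
    free(in);
    return result;
}

int main(void)
{
    printf("%ld %ld\n", demo_roundtrip(5), demo_roundtrip(100000));
    return 0;
}
```

The caller never passes a size; it only has to check the return value and `free()` the returned pointer.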