Re: Unchecked sprintf/strcat?

To: Mutt Developers <mutt-dev@xxxxxxxx>
Subject: Re: Unchecked sprintf/strcat?
From: Thomas Roessler <roessler@xxxxxxxxxxxxxxxxxx>
Date: Mon, 22 May 2006 09:17:07 +0100
In-reply-to: <20060522022527.GA13408@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Mail-followup-to: Mutt Developers <mutt-dev@xxxxxxxx>
References: <20060521093546.GA32101@xxxxxxxxxxxxxxxxxxxxxxxxxx> <20060521172830.GC32216@xxxxxxxxxx> <20060522022527.GA13408@xxxxxxxxxxxxxxxxxxxxxxxxxx>
Sender: Thomas Roessler <roessler@xxxxxxxxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.11

On 2006-05-22 11:25:27 +0900, TAKAHASHI Tamotsu wrote:

>> if you don't trust the own code, use functions that raise
>> an assertion failure when the buffer is overflowed.
> 
> Thanks for the suggestion.
> I'd rather add the assertion to safe_strcat and simply use
> "safe_strcat(dst,sizeof(dst),buf)" than use
> "if(len>0&&len<sizeof(buf))strcat(dst,len);else return(1);"
> everywhere.

Be careful about that -- mutt is using truncating string
functions not just for safety, but also to, well, truncate
strings.

(snprintf *is* being used this way; I don't recall whether
safe_strcat is.)

-- 
Thomas Roessler · Personal soap box at <http://log.does-not-exist.org/>.

Follow-Ups:
- Re: Unchecked sprintf/strcat?
  - From: TAKAHASHI Tamotsu

References:
- Unchecked sprintf/strcat?
  - From: TAKAHASHI Tamotsu
- Re: Unchecked sprintf/strcat?
  - From: Oswald Buddenhagen
- Re: Unchecked sprintf/strcat?
  - From: TAKAHASHI Tamotsu

Prev by Date: [2006-05-22] CVS repository changes
Next by Date: Re: Poll remove exact address code? (was: Re: Obsolete features)
Previous by thread: Re: Unchecked sprintf/strcat?
Next by thread: Re: Unchecked sprintf/strcat?
Index(es):
- Date
- Thread