
Re: Unchecked sprintf/strcat?



On 2006-05-22 11:25:27 +0900, TAKAHASHI Tamotsu wrote:

>> if you don't trust your own code, use functions that raise
>> an assertion failure when the buffer is overflowed.
> 
> Thanks for the suggestion.
> I'd rather add the assertion to safe_strcat and simply use
> "safe_strcat(dst,sizeof(dst),buf)" than use
> "if(len>0&&len<sizeof(buf))strcat(dst,len);else return(1);"
> everywhere.

Be careful about that -- mutt is using truncating string
functions not just for safety, but also to, well, truncate
strings.

(snprintf *is* being used this way; I don't recall whether
safe_strcat is.)

-- 
Thomas Roessler · Personal soap box at <http://log.does-not-exist.org/>.
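
The distinction raised in this message, as an added example that is not part of the original post and is not mutt's code: a bounded concatenation that reports how much it cut, so call sites that truncate on purpose keep working while call sites where truncation would be a bug can check the result. The names `trunc_strcat` and `strict_strcat` are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical helper (not mutt's safe_strcat): append src to the
 * NUL-terminated string in dst without writing past dst[dstsize - 1].
 * Returns the number of bytes of src that did NOT fit (0 = complete). */
size_t trunc_strcat(char *dst, size_t dstsize, const char *src)
{
    size_t srclen = strlen(src);
    size_t used = 0, room;

    if (dstsize == 0)
        return srclen;              /* no room even for the terminator */

    /* Bounded scan: dst might not be terminated within dstsize bytes. */
    while (used < dstsize && dst[used] != '\0')
        used++;
    if (used == dstsize) {          /* unterminated: repair, append nothing */
        dst[dstsize - 1] = '\0';
        return srclen;
    }

    room = dstsize - 1 - used;      /* bytes free before the terminator */
    if (srclen <= room) {
        memcpy(dst + used, src, srclen + 1);
        return 0;
    }
    memcpy(dst + used, src, room);  /* intentional truncation path */
    dst[dstsize - 1] = '\0';
    return srclen - room;
}

/* Hypothetical strict wrapper for call sites where a cut string is a bug.
 * Returns 0 on success, -1 if src was truncated. Store the result and
 * assert on it; do not put the call itself inside assert(), which
 * disappears under NDEBUG. */
int strict_strcat(char *dst, size_t dstsize, const char *src)
{
    return trunc_strcat(dst, dstsize, src) == 0 ? 0 : -1;
}
```

A display field that is meant to be clipped calls `trunc_strcat` and ignores the return value; a path or command buffer calls `strict_strcat` and treats -1 as an error.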