Re: Are bad developer libraries the problem with M$ software?
----- Original Message -----
From: Frank Knobbe
Sent: 11/18/2002 10:27:09 AM
To: mikehow@microsoft.com
Cc: phani@myrealbox.com;secprog@securityfocus.com
Subject: RE: Are bad developer libraries the problem with M$ software?
> As a side note, proper use of snprintf would be:
I believe you mean strlen and not sizeof. sizeof(mystr) will return the same as sizeof(char*), which is sizeof(int) in most cases or 4 on 32-bit platforms.
Unless there's something I wasn't aware of: you're using a bizarre compiler, or C++, or there's a special case for char arrays on the stack.
> Perhaps we should start development of a standardized 'safe' header file
These are good ideas, and you should expand them to handle the case where the destination string is not \0-terminated. Example: strncpy.
The strncpy() function copies not more than len characters from src into
dst, appending `\0' characters if src is less than len characters long,
and not terminating dst otherwise.
I handle this by always setting dst[len-1] = '\0';
Received on Mon Nov 18 15:18:37 2002
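The two C behaviours discussed in this message, as an added example that is not part of the original post: what sizeof yields for an array versus a char pointer, and strncpy leaving the destination unterminated unless dst[len-1] is set. All function names and buffer sizes are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* All names and buffer sizes here are constructed for illustration. */

/* sizeof on a true array gives the array's size in bytes. */
size_t size_of_array(void) {
    char buf[16];
    return sizeof(buf);
}

/* sizeof on a char* gives the pointer's size, whatever it points to. */
size_t size_of_pointer(const char *s) {
    return sizeof(s);
}

/* Plain strncpy: returns 1 if dst ended up '\0'-terminated, else 0. */
int raw_copy_terminated(const char *src) {
    char dst[8];
    memset(dst, 'X', sizeof(dst));   /* no stale zero bytes to hide the gap */
    strncpy(dst, src, sizeof(dst));
    return memchr(dst, '\0', sizeof(dst)) != NULL;
}

/* strncpy plus a forced terminator; returns 1 if src was truncated. */
int safe_copy(char *dst, size_t len, const char *src) {
    if (len == 0)
        return 1;                    /* no room even for the terminator */
    strncpy(dst, src, len);
    dst[len - 1] = '\0';
    return strlen(src) >= len;
}

int main(void) {
    char dst[8];
    int truncated;

    printf("sizeof array: %zu, sizeof pointer: %zu\n",
           size_of_array(), size_of_pointer("some longer string"));
    printf("raw strncpy terminated, short src: %d\n", raw_copy_terminated("short"));
    printf("raw strncpy terminated, 8-char src: %d\n", raw_copy_terminated("exactly8"));
    truncated = safe_copy(dst, sizeof(dst), "much longer");
    printf("safe_copy truncated: %d, dst = \"%s\"\n", truncated, dst);
    return 0;
}
```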