[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [patch #3686] Trivial patch to change sprintf to snprintf in libltdl
From: |
Daniel Reed |
Subject: |
Re: [patch #3686] Trivial patch to change sprintf to snprintf in libltdl |
Date: |
Wed, 26 Jan 2005 22:31:17 -0500 (EST) |
On 2005-01-27T03:10-0000, anonymous wrote:
) -------------------------------------------------------
) Date: Wed 01/26/2005 at 22:10 Name: ltdl.c.diff Size: 1.08KB By: None
) Changes sprintf to snprintf
) <http://savannah.gnu.org/patch/download.php?item_id=3686&item_file_id=4100>
This patch changes three calls to sprintf(buf, format, arg) to snprintf(buf,
sizeof(buf), format, arg). Unfortunately, in all three cases, buf is a
dynamically allocated buffer, so sizeof(buf) will always be 4 bytes (as
opposed to the size of the actual buffer).
Even if the correct size was used as the second argument to snprintf,
however, it would not be necessary; in at least the first and third cases,
buf is shown (in the context of the patch) to be dynamically allocated to be
exactly the correct size for the target string, so there is no possibility
for overflow.
--
Daniel Reed <address@hidden> http://people.redhat.com/djr/
http://naim.n.ml.org/
he didn't speak much english, but i think he recognized the leatherman
as a weapon -- sour, EFnet #naim
[patch #3686] Trivial patch to change sprintf to snprintf in libltdl, Ralf Wildenhues, 2005/01/27