Vulnerability Development mailing list archives
Re: Secure coding in C (was Re: Administrivia #4883)
From: marcow () JENA ENG SUN COM (Marco Walther)
Date: Fri, 21 Jan 2000 10:48:10 -0800
"BB" == Blue Boar <BlueBoar () THIEVCO COM> writes:
BB> Seth R Arnold wrote:
On Thu, Jan 20, 2000 at 11:57:38PM -0800, Marco Walther wrote:And the same paragraph from the Solaris 8 snprintf man page: " The snprintf() function is identical to sprintf() with the addition of the argument n, which specifies the size of the buffer referred to by s. The buffer is always terminated with the null byte." I've tried a small test case on Solaris 7 and it looks like the man is not correct there?! #include <stdio.h> main() { char b[10]; snprintf(b, 10, "I'm a really long test string!\n"); printf("b[9]= %d\n", (int)b[9]); } returns `b[9]= 0'Marco, might I be so bold to ask what you expected to happen? AFAICT, that is correct behavior..
BB> I *believe* (And I'll let Marco explain himself too, if and when the post BB> arrives) that what he's trying to demonstrate is that it does in fact BB> work correctly, as you've said. The problem was that the Solaris 7 docs BB> say it won't necessarily work correctly, even though it looks like it does. Yes, that was exactly my point. I've checked this a little bit further and it's really a bug in the man page of Solaris 7. It's fixed for Solaris 8. Thanks, -- Marco --
Current thread:
- Re: Solar Eclipse's Guide To Stealing 100000 Credit Cards in 21 Days, (continued)
- Re: Solar Eclipse's Guide To Stealing 100000 Credit Cards in 21 Days Blue Boar (Jan 17)
- Re: Solar Eclipse's Guide To Stealing 100000 Credit Cards in 21 Days kay (Jan 18)
- Re: Solar Eclipse's Guide To Stealing 100000 Credit Cards in 21Days Blue Boar (Jan 18)
- e-commerce site security (was: Re: Solar Eclipse's Guide To Stealing 100000 Credit Cards in 21 Days) Jon Paul, Nollmann (Jan 18)
- Re: Secure coding in C (was Re: Administrivia #4883) Warner Losh (Jan 17)
- Re: Secure coding in C (was Re: Administrivia #4883) Tellier, Brock (Jan 20)
- Re: Secure coding in C (was Re: Administrivia #4883) Marco Walther (Jan 20)
- Re: Secure coding in C (was Re: Administrivia #4883) Seth R Arnold (Jan 21)
- Re: Secure coding in C (was Re: Administrivia #4883) Blue Boar (Jan 21)
- Re: Secure coding in C (was Re: Administrivia #4883) Mikael Olsson (Jan 21)
- Re: Secure coding in C (was Re: Administrivia #4883) Marco Walther (Jan 21)
- Re: Secure coding in C (was Re: Administrivia #4883) CyberPsychotic (Jan 22)
- Re: Secure coding in C (was Re: Administrivia #4883) Marc Esipovich (Jan 21)
- Generalized List of Threats and Vulnerabilities Dave Drake (Jan 21)
- Re: Generalized List of Threats and Vulnerabilities Seth R Arnold (Jan 21)
- Re: Generalized List of Threats and Vulnerabilities Crispin Cowan (Jan 23)
- Re: Generalized List of Threats and Vulnerabilities John Duksta (Jan 21)
- Administrivia #5218 Blue Boar (Jan 21)
- Re: Administrivia #5218 Imran Ghory (Jan 22)
- Re: Administrivia #5218 kjkotas (Jan 22)
- Re: Administrivia #5218 Granquist, Lamont (Jan 24)