Vuln-Dev Archives: Re: Secure coding in C (was Re: Administrivi

Re: Secure coding in C (was Re: Administrivia #4883)


From: Brian Masney (masneybSEUL.ORG)
Date: Sun Jan 16 2000 - 11:18:37 CST


> ] char *a = something();
> ] char *b = something_else();
> ] int len = strlen(a) + strlen(b);
> ] char *c = malloc(len + 1) || die("malloc");
> ] (void) strcat(strcpy(c, a), b);
> ]
> ] BTW, what I ended up coding instead of that last line (as it grew
> ] way more complex) was equivalent to:
> ]
> ] snprintf(c, len, "%s%s", a, b) > 0 || die "snprintf";

On some UNIX systems, snprintf does not guarantee that it will nul
terminate the string. I know on some older versions of libc5 (sorry,
don't have an exact version), if the buffer you were writing to got to the
max size you passed it, it would stop there without adding the nul. So,
you'll run into problems later on if you pass it to a string
function (like strcpy()).

> I would like to point out glib - it is available from ftp.gtk.org and its
> mirrors. It is mainly a utility function library, widely used in Gtk+ and
> GNOME, but it has nothing to do with GUI at all. Particularly interesting
> is its GString object (yes, object; OOP is possible in C). To quote the
> manual:

glib also has many other string functions as well, like g_snprintf().
snprintf() is a GNU extension, and it isn't implemented across all unix
platforms.

Brian
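
An added example, not part of the message above or of the code it quotes: one defensive way to write the concatenation under discussion so that the result is terminated and truncation is detected whatever the libc's snprintf does at the size limit. The helper names join_into and join_alloc are hypothetical, and the inputs in main are constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: write a+b into dst[size]. Returns 0 on success, -1 if
 * it did not fit. dst is NUL-terminated on return whatever the libc did. */
static int join_into(char *dst, size_t size, const char *a, const char *b)
{
    int n;

    if (dst == NULL || size == 0)
        return -1;
    n = snprintf(dst, size, "%s%s", a, b);
    dst[size - 1] = '\0';   /* do not rely on snprintf to terminate */
    /* C99 returns the length needed; some older libcs return -1 instead. */
    if (n < 0 || (size_t)n >= size)
        return -1;
    return 0;
}

/* Hypothetical helper: return a newly allocated a+b, or NULL on failure. */
static char *join_alloc(const char *a, const char *b)
{
    size_t la = strlen(a), lb = strlen(b);
    char *c;

    if (la >= SIZE_MAX - lb)        /* la + lb + 1 would wrap */
        return NULL;
    c = malloc(la + lb + 1);        /* +1 for the terminator */
    if (c != NULL && join_into(c, la + lb + 1, a, b) != 0) {
        free(c);
        c = NULL;
    }
    return c;
}

int main(void)
{
    char small[6];                  /* constructed: one byte short of "foobar" */
    char *c = join_alloc("foo", "bar");
    int cut = join_into(small, sizeof small, "foo", "bar");

    printf("%s\n", c ? c : "(failed)");
    printf("truncated=%d buf=\"%s\"\n", cut != 0, small);
    free(c);
    return 0;
}
```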


