OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
Vuln-Dev Archives: Re: Secure coding in C (was Re: Administrivi

Re: Secure coding in C (was Re: Administrivia #4883)

Subject: Re: Secure coding in C (was Re: Administrivia #4883)
From: Seth R Arnold (sarnoldWILLAMETTE.EDU)
Date: Fri Jan 21 2000 - 02:20:04 CST

On Thu, Jan 20, 2000 at 11:57:38PM -0800, Marco Walther wrote:
> And the same paragraph from the Solaris 8 snprintf man page:
>
> " The snprintf() function is identical to sprintf() with the
> addition of the argument n, which specifies the size of the
> buffer referred to by s. The buffer is always terminated
> with the null byte."
>
> I've tried a small test case on Solaris 7 and it looks like the man is
> not correct there?!
>
> #include <stdio.h>
>
> main()
> {
> char b[10];
>
> snprintf(b, 10, "I'm a really long test string!\n");
>
> printf("b[9]= %d\n", (int)b[9]);
> }
>
> returns `b[9]= 0'

Marco, might I be so bold to ask what you expected to happen? AFAICT, that
is correct behavior..

But, my C coding experience is .. limited. :) 

--
Seth Arnold | http://www.willamette.edu/~sarnold/
Hate spam? See http://maps.vix.com/rbl/ for help
Hi! I'm a .signature virus! Copy me into
your ~/.signature to help me spread!

This archive was generated by hypermail 2b27 : Fri Jan 21 2000 - 02:32:00 CST