On 9/13/09 12:01 PM, Jens Alfke said:

>It would be best to convert all your sprintf calls to snprintf, which
>is a safer equivalent that won't overflow the buffer.

Yes, sprintf is pure evil.  snprintf is less evil.

Also, I recommend adding -fstack-protector -D_FORTIFY_SOURCE=2, they can
help catch some of these problems.  And valgrind would probably have
caught this problem immediately.

--
____________________________________________________________
Sean McBride, B. Eng                 s...@rogue-research.com
Rogue Research                        www.rogue-research.com
Mac Software Developer              Montréal, Québec, Canada


_______________________________________________

Cocoa-dev mailing list (Cocoa-dev@lists.apple.com)

Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com

Help/Unsubscribe/Update your Subscription:
http://lists.apple.com/mailman/options/cocoa-dev/archive%40mail-archive.com

This email sent to arch...@mail-archive.com

Reply via email to