Hi,
On 15.04.2014 09:42, Gert Doering wrote:
> char *
> get_ssl_library_version(void)
> {
>     static char polar_version[30];
>     unsigned int pv = version_get_number();
>     sprintf( polar_version, "PolarSSL %d.%d.%d",
>              (pv>>24)&0xff, (pv>>16)&0xff, (pv>>8)&0xff );
>     return polar_version;
> }
>
> this is well-defined (polarssl/version.h), and guaranteed to not overflow.
Wouldn't using snprintf with length sizeof(polar_version) instead of
just sprintf be better, so as to make sure this will not be broken by
accident in the future?
Regards,
M. Braun
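
Added example, not part of the original message and not OpenVPN or PolarSSL code: the quoted function rewritten around a bounded `snprintf` call whose return value is checked, so a later change to the format string or buffer size fails visibly instead of overflowing. The helper names `format_polar_version` and `ssl_library_version_from` and the sample version numbers are assumptions; the version number is passed in as a parameter because the sketch does not link against PolarSSL's `version_get_number()`.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not OpenVPN or PolarSSL code): formats a packed
 * 0xMMmmpp00 version number as in the quoted function, but bounded.
 * Returns 0 on success, -1 if the output was truncated or on error. */
static int
format_polar_version(char *buf, size_t buflen, unsigned int pv)
{
    int n;

    if (buf == NULL || buflen == 0)
        return -1;

    n = snprintf(buf, buflen, "PolarSSL %u.%u.%u",
                 (pv >> 24) & 0xff, (pv >> 16) & 0xff, (pv >> 8) & 0xff);

    /* snprintf returns the length it wanted to write; >= buflen means
     * the string was cut short (it is still NUL-terminated). */
    if (n < 0 || (size_t)n >= buflen)
        return -1;
    return 0;
}

/* Same shape as the quoted function; pv is passed in here because this
 * sketch does not link against PolarSSL's version_get_number(). */
const char *
ssl_library_version_from(unsigned int pv)
{
    static char polar_version[30];

    if (format_polar_version(polar_version, sizeof(polar_version), pv) != 0)
        return "PolarSSL (unknown version)";
    return polar_version;
}

int
main(void)
{
    char small[16];

    puts(ssl_library_version_from(0x01030400u));   /* constructed sample value */
    /* Worst case "PolarSSL 255.255.255" needs 21 bytes: fits in 30, not 16. */
    if (format_polar_version(small, sizeof(small), 0xffffff00u) != 0)
        printf("truncated to \"%s\"\n", small);
    return 0;
}
```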