On 02/14/2011 10:03 AM, James Mckenzie wrote: > I've found very obvious buffer overflow conditions and failures to enforce > changes of variable types in publically available code bases.
It's been years since I did any C programming, and my memory of it is dusty (as Ziva David once phrased it) but I do remember that there are two, very similar functions for copying strings. One copies as many bytes as you give it, the other copies only as many as you specify if there are "too many" given. Just using the second instead of the first would prevent most of the easier buffer overflow exploits, if not all. By now, I'd think that would be automatic, but then, I'm not a programmer any more. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
