- changed status to resolved
Defensive programming against buffer overflow
Issue #43
resolved
As per the advice in the Unix Network Programming Book, p.15, replace:
-
sprintf with snprintf
-
gets with fgets
-
strcat with strncat (or strlcat)
-
strcpy with strncpy (or strlcpy)
Comments (1)
-
reporter - Log in to comment
Finally, I took the time to replace all strcpy() and strcat() with snprintf() (my version...) and strncpy() (my version) and strncat()...