[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [leafnode-list] 2.0b3 compile-time warnings

To: leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx
Subject: Re: [leafnode-list] 2.0b3 compile-time warnings
From: krasel@xxxxxxxxxxxxxxxxxxxxxxxxxxxx (Cornelius Krasel)
Date: by mail-ob (mbox horst.fischer)(with Cubic Circle's cucipop (v1.31 1998/05/13) Mon Oct 30 22:21:05 2000)

Matthias Andree wrote:

[...]

> Some things remain:
> * getting rid of all sscanf (will do later)

Why is this desirable? Methinks that writing your own parsing functions
for all kinds of strings is *really* error-prone. I think the only
possibility of a sscanf()-caused buffer overflow would be in nntpd.c,
doauthinfo():
	if ( sscanf( arg, "%s %s", cmd, param ) != 2 )
Everywhere else, sscanf() is only used to extract ints/longs from
strings.

Curious,
--Cornelius.

-- 
/* Cornelius Krasel, U Wuerzburg, Dept. of Pharmacology, Versbacher Str. 9 */
/* D-97078 Wuerzburg, Germany   email: phak004@xxxxxxxxxxxxxxxxxxxxxx  SP4 */
/* "Science is the game we play with God to find out what His rules are."  */

-- 
leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list

Follow-Ups:
- Re: [leafnode-list] 2.0b3 compile-time warnings
  - From: Matthias Andree

References:
- Re: [leafnode-list] 2.0b3 compile-time warnings
  - From: Matthias Andree

Prev by Date: [leafnode-list] Incorrect GMT offset in NEWGROUPS command
Next by Date: Re: [leafnode-list] Re: [FIX->1.9.14-ma1] fetchnews doesn't do LIST, getaline fix
Previous by thread: Re: [leafnode-list] 2.0b3 compile-time warnings
Next by thread: Re: [leafnode-list] 2.0b3 compile-time warnings
Index(es):
- Date
- Thread