| commit | 042d97589cb3fb0b9b7a7e56fa0aceacb4188fa7 | |
| author | Dan Carpenter <error27@gmail.com> | |
| Tue, 18 May 2010 09:38:47 +0000 (18 11:38 +0200) | ||
| committer | Dan Carpenter <error27@gmail.com> | |
| Tue, 18 May 2010 09:38:47 +0000 (18 11:38 +0200) | ||
| tree | ec6973e00d9e992c3960ae1d024b7102ebea8a93 | treesnapshot (tar.gz zip) |
| parent | 495720f9ac6283c4d840aa46ab34180ecc4314ca | commitdiff |
*new* check_snprintf: using the return value of snprintf as a limitter
Sometimes people do stuff like:
len = snprintf(buf, sizeof(buf), "asdfasdf");
memcpy(buf2, buf, len);
But that's nonsense, if you don't care about writing past sizeof(buf) then
why even use snprintf() instead of sprintf()?
Actually it turns out that this test mostly prints false positives. The
strings fit inside the buffers and snprintf() was only used out of habit.
Hopefully I will write a better way of analyzing printf strings to find
the maximum length. That should get rid of most of the false positives and
is useful for finding buffer overflows as well.
Signed-off-by: Dan Carpenter <error27@gmail.com>
Sometimes people do stuff like:
len = snprintf(buf, sizeof(buf), "asdfasdf");
memcpy(buf2, buf, len);
But that's nonsense, if you don't care about writing past sizeof(buf) then
why even use snprintf() instead of sprintf()?
Actually it turns out that this test mostly prints false positives. The
strings fit inside the buffers and snprintf() was only used out of habit.
Hopefully I will write a better way of analyzing printf strings to find
the maximum length. That should get rid of most of the false positives and
is useful for finding buffer overflows as well.
Signed-off-by: Dan Carpenter <error27@gmail.com>
| check_list.h | diffblobblamehistory | |
| check_snprintf.c | [new file with mode: 0644] | blob |