On Oct 1, 2002 at 01:42, q u a s i wrote:
At 10:18 even 9/29/02 -0700, Satya wrote:
>Fixed-size arrays are often (not always) bad.
ummm... Would it be possible to enlighten us (me) on
Classic buffer overflow. Say you have:
char buf; /* i like 80 */
and you read user input or network data into that buffer, without
Even if you do bounds checking, you'll have a limited input condition.
This is fine if, for example, you're reading birthdates in yyyymmdd
format (example, could be mm-dd-yyyy for all I care), you know it's
always going to be 8 (or 9, considering Y10K) chars (plus 1 for the
trailing null, which depending on your application you may not need),
so you can have that be static.
But it's safest to malloc and realloc, because then you're only
limited by how much memory the OS is willing to give you.
Kernel panic: I have no root and I want to scream <--- perfect error