At 02:39 even 9/30/02 -0700, Satya wrote:
Classic buffer overflow. Say you have[...]:
buffer over flow is defined as when you feed more data than
the buffer has [free] capacity for. Due to the C legacy
which does not do bound checking for array writes this may
lead to to bad places. Agreed. But when you malloc you
allocate /limited/ memory too. There is /no/ way to prevent
you from overflowing an allocated buffer if you so wish.
I think the thing with a fixed-sized array on the stack is that
a buffer overrun will more certainly overwrite the program code
which is far more dangerous than overwriting some random memory.