Hi,
With a security perspective, the buffer overflow problem is not anything to do with bound arrays. Oh no no no..
It is w.r.t how your coding logic works! what you want to make sure is you copy only as much data as you have allotted space for. It doesn't matter if this memory allocation was done using malloc or arrays
but there is one place where dynamic allocation is not good. Think maximum memory allocation char buf[2 << 16]; when in a particular execution you only needed 2<< 5 bytes!
u might b better off simply allotting (digging) only as much as you need(to bury)! again in satya's eg. of date.. i m sure people are going to pass me a string with dd-mm-yy or some such variant.. then i m trusting them to b good citizens. So i would do either (array or malloc) and write code as strcpy(this_foo_date, nice_date); will b crashed by a cracker quickly by making nice_date to a abnormally large size and the strcpy will copy more than it intends! solution.. strncpy(this_foo_date, evil_date, i_max_size_allowed);
Point: It did not matter if it was malloc'ed or array defined. just my 2 bits.
Shailesh
--- Satya satyap@satya.virtualave.net wrote:
On Oct 1, 2002 at 01:42, q u a s i wrote:
At 10:18 even 9/29/02 -0700, Satya wrote:
Fixed-size arrays are often (not always) bad.
ummm... Would it be possible to enlighten us (me) on
this issue?
Classic buffer overflow. Say you have:
char buf[80]; /* i like 80 */
and you read user input or network data into that buffer, without checking bounds.
Even if you do bounds checking, you'll have a limited input condition.
This is fine if, for example, you're reading birthdates in yyyymmdd format (example, could be mm-dd-yyyy for all I care), you know it's always going to be 8 (or 9, considering Y10K) chars (plus 1 for the trailing null, which depending on your application you may not need), so you can have that be static.
But it's safest to malloc and realloc, because then you're only limited by how much memory the OS is willing to give you.
-- Satya. URL:http://satya.virtualave.net/ Kernel panic: I have no root and I want to scream <--- perfect error message
__________________________________________________ Do you Yahoo!? New DSL Internet Access from SBC & Yahoo! http://sbc.yahoo.com