Re: SOLVED: Daemon Programming

To: Sergio Cuéllar Valdés <herrsergio@gmail.com>
Cc: debian-testing@lists.debian.org, debian-user@lists.debian.org, debian-mentors@lists.debian.org
Subject: Re: SOLVED: Daemon Programming
From: Shyamal Prasad <shyamalprasad@verizon.net>
Date: Thu, 13 Jan 2005 20:21:07 -0800
Message-id: <[🔎] 87oefs4p58.fsf@shyamal.prasad.verizon.net>
In-reply-to: <[🔎] 7663371b050113194128053a47@mail.gmail.com> (Sergio Cuéllar Valdés's message of "Thu, 13 Jan 2005 21:41:29 -0600")
References: <[🔎] 7663371b050113124368650253@mail.gmail.com> <87acrcsp9k.fsf@aptiva.optonline.net> <[🔎] 7663371b0501131931a2c2e6e@mail.gmail.com> <[🔎] 7663371b050113194128053a47@mail.gmail.com>

    "Sergio" == Sergio Cuéllar Valdés <herrsergio@gmail.com> writes:

    Sergio> sprintf(message, "/usr/local/bin/say -s 4 -a \"%s\"", buffer);

Note that this is a classic security problem since both message and
buffer are exactly the same size (BUFSIZE == 1024). Use snprintf or
otherwise validate the size.

Cheers!
Shyamal

Reply to:

References:
- Daemon Programming
  - From: "Sergio Cuéllar" <herrsergio@gmail.com>
- Re: Daemon Programming
  - From: Sergio Cuéllar Valdés <herrsergio@gmail.com>
- Re: SOLVED: Daemon Programming
  - From: Sergio Cuéllar Valdés <herrsergio@gmail.com>

Prev by Date: Re: NIS
Next by Date: Home networking!
Previous by thread: Re: SOLVED: Daemon Programming
Next by thread: wings3d
Index(es):
- Date
- Thread