ARGC/ARGV Strangeness - Code is working
Tim Writer
tim-s/rLXaiAEBtBDgjK7y7TUQ at public.gmane.org
Thu Sep 22 04:09:22 UTC 2005
pking123-rieW9WUcm8FFJ04o6PK0Fg at public.gmane.org writes:
> > Bad habit. What happens if your argument is longer than 4 chars? Try
> > using strncpy(3).
> >
>
> I think a later poster suggested to use argc[count] directly and it
> would be a more "global" fix. The reason for the 5 characters was
> arbitrary, since I don't feel that there is too much of a chance of
> my needing to obtain ascii values for numbers greater than 9,999.
Fine, if you're just learning, but any useful program must be prepared to
deal with erroneous input. In this case, if the user enters a number larger
than 9,999 (or less than -999 or with leading zeros), you have a buffer
overrun which could crash your program or (worse) produce incorrect
results. If this code were used in a network setting (e.g. to take input from
a web application), it could be a security hole giving unauthorized users
access to your system.
--
tim writer <tim-s/rLXaiAEBtBDgjK7y7TUQ at public.gmane.org> starnix inc.
647.722.5301 toronto, ontario, canada
http://www.starnix.com professional linux services & products
--
The Toronto Linux Users Group. Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml
More information about the Legacy
mailing list