[Insight-developers] Change in ITK[master]: BUG: Fix possibility of buffer overflow in itkNumericSeriesF...
Sean McBride
sean at rogue-research.com
Wed Jan 5 11:39:32 EST 2011
On Wed, 5 Jan 2011 09:47:23 -0600, Hans Johnson said:
>> VS 2008 docs point to _snprintf for snprintf, and have this warning:
>> "Ensure that format is not a user-defined string. Because this function
>> does not guarantee NULL termination (in particular, when the return
>> value is count), ensure that it is followed by code that adds the null
>> terminator. "
>>
>> As long as a null terminator is added after the call for safety, I don't
>> see why you can't use an user-defined string, unless the routine dumbly
>> writes the whole formatted string to the buffer without regard to its
>> defined size.
Regarding user-supplied format strings, see, for example:
<http://en.wikipedia.org/wiki/Format_string_attack>
<https://www.securecoding.cert.org/confluence/display/seccode/FIO30-C.
+Exclude+user+input+from+format+strings>
--
____________________________________________________________
Sean McBride, B. Eng sean at rogue-research.com
Rogue Research www.rogue-research.com
Mac Software Developer Montréal, Québec, Canada
More information about the Insight-developers
mailing list