28 Apr
2003
28 Apr
'03
04:30
On Monday 28 April 2003 06:24, Anders Johansson wrote:
On Monday 28 April 2003 03:48, Raúl Gutiérrez Segalés wrote: <snip>
char buf[100];
<snip>
buf[size]='\0';
Enlight me, I only see one, no protection against buffer overflows..
That would be the one. There is a protection against buffer overflows, in that both read and fread state how many bytes they want. Sadly, I wrote it a bit too quickly, and potentially 101 bytes could be put in a 100 byte buffer.
And bug no. 2 is that neither fread nor read check for EOL, only EOF, so if you had a program that sent this program three bytes followed by EOL (say, hitting enter on the keyboard) it wouldn't do anything, just block.