4 May
2008
4 May
'08
09:46
Cristian Rodríguez wrote:
David C. Rankin escribió:
int main(int argc, char *argv[]) { char *endptr, *str, newstr[20];
strcpy(newstr,argv[1]);
^^ ./a.out 23000000000000000000000000000000000000
*** stack smashing detected ***: ./a.out terminated ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
I've never see that run-time error message. What compiler flags did you use to get THAT to be produced?
classic buffer overflow.. do not use strcpy() it is evil.
Yes. VERY evil. Use strncpy(char *dest, char *src, int maxlen).
see https://buildsecurityin.us-cert.gov/daisy/bsi-rules/home/g1/848.html
-- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org For additional commands, e-mail: opensuse+help@opensuse.org