It would have been nice if glibc fixed this bug back in 2008. http://lists.debian.org/debian-devel/2013/09/msg00421.html …
-
-
Replying to @kees_cook
@kees_cook So for sprintf() format string, "%s" is still fine as opposed to "%sbar", correct? I.e. nothing to truncate?1 reply 0 retweets 0 likes -
Replying to @michaelrash
@michaelrash Problem is using the same buffer as both dest and src: sprintf(buf, "%s...", buf) is considered to have "undefined" results.1 reply 0 retweets 0 likes -
Replying to @kees_cook
@kees_cook Ok, understood. Your sprintf() patch had a minor typo in the description ("baz" should have been "foo"), now I understand, thanks1 reply 0 retweets 0 likes
Replying to @michaelrash
@michaelrash ah, yes, that could be. It was a long thread and many years ago. :) Sorry for the confusion.
4:10 PM - 21 Sep 2013
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.