Re: Problem mac os X version 10.6 when using sprinft
Re: Problem mac os X version 10.6 when using sprinft
- Subject: Re: Problem mac os X version 10.6 when using sprinft
- From: Jens Alfke <email@hidden>
- Date: Mon, 10 May 2010 09:50:00 -0700
On May 10, 2010, at 8:54 AM, paul morel wrote:
> But what is weird is that it seems that with Mac OS X 10.5 there is no problem, whereas when I use Mac OS 10.6 the problem occurs.
Buffer overflows can be sneaky. The effect depends on exactly how variables are laid out in the stack (or if it’s an allocated block, on the exact pattern of allocations so far.) Minor changes in the compiler or linker can change such a bug from being invisible to being a crasher. So on 10.5 you got lucky and there was no immediate manifestation; on 10.6 you didn’t.
That’s just one reason why such bugs are rightly feared. It’s well worth it to avoid calls like sprintf whenever possible, as people have already suggested. Either use the variants that take the buffer size as a parameter, like snprintf, or use a higher-level Cocoa API that works with safer collections like NSStrings that have range checking.
—Jens_______________________________________________
Cocoa-dev mailing list (email@hidden)
Please do not post admin requests or moderator comments to the list.
Contact the moderators at cocoa-dev-admins(at)lists.apple.com
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden