Re: warning at nslog
Re: warning at nslog
- Subject: Re: warning at nslog
- From: Bill Bumgarner <email@hidden>
- Date: Sun, 27 Sep 2009 14:36:25 -0700
On Sep 27, 2009, at 9:12 AM, Jos Timanta Tarigan wrote: NSLog(absolutePath);
Others have replied w/an answer, but I wanted to pose a question...
What would happen if absolutePath just so happened to contain a %@ or %s in it somewhere?
Bad things, for sure.
The point of this is to encourage folks to consider a parameter not for the value you think it contains, but for the value it might contain...
Focusing on the former and not the latter is a great boon to those that exploit security holes. :)
b.bum
|
_______________________________________________
Do not post admin requests to the list. They will be ignored.
Xcode-users mailing list (email@hidden)
Help/Unsubscribe/Update your Subscription:
This email sent to email@hidden