getenv() obfuscated for buffer overflow prevention?
smcclelland at san.rr.com
Thu Feb 17 23:46:26 PST 2005
As I said, "off the top of my head." Thanks for catching that.
I can't believe I still get confused over pointers. I ususally have to
print several versions of my vars to make sure I'm referencing the right
> -----Original Message-----
> From: kplug-list-bounces at kernel-panic.org
> [mailto:kplug-list-bounces at kernel-panic.org]On Behalf Of Gabriel Sechan
> Sent: Tuesday, February 15, 2005 11:44 AM
> To: kplug-list at kernel-panic.org
> Subject: Re: getenv() obfuscated for buffer overflow prevention?
> >From: Scott McClelland <scottm at qualcomm.com>
> >Change (off the top of my head, without testing):
> >char * username=getenv("USER");
> >fprintf(log_file, "By user %s \n" &username, );
> The & is not needed. With the & you're passing a char ** instead of a
> char*, and will have a bad memory error of some sort.
> KPLUG-List at kernel-panic.org
More information about the KPLUG-List