Re: sprintf [message #306529 is a reply to message #306471] |
Sat, 29 December 2007 17:49 |
=HT=T-Bird
Messages: 712 Registered: June 2005
Karma:
|
Colonel |
|
|
NEVER NEVER NEVER pass any string that is created from user input to printf() and friends as a format string, otherwise you'd have a security hole on your hands
HTT-Bird (IRC)
HTTBird (WOL)
Proud HazTeam Lieutenant.
BlackIntel Coder & Moderator.
If you have trouble running BIATCH on your FDS, have some questions about a BIATCH message or log entry, or think that BIATCH spit out a false positive, PLEASE contact the BlackIntel coding team and avoid wasting the time of others.
|
|
|