A
aarklon
Hi folks,
found an interesting C link here::
http://community.core-sdi.com/~gera/InsecureProgramming/
found an interesting C link here::
http://community.core-sdi.com/~gera/InsecureProgramming/
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
R
Richard Heathfield
(e-mail address removed) said:
I looked at the first example. Anyone programming like that needs a good
kicking.
Hi folks,
found an interesting C link here::
http://community.core-sdi.com/~gera/InsecureProgramming/
I looked at the first example. Anyone programming like that needs a good
kicking.
E
Eric Sosman
Richard said:(e-mail address removed) said:
I looked at the first example. Anyone programming like that needs a good
kicking.
It's interesting that the example indulges in undefined
behavior (twice!) before arriving at what was probably the
point it was trying to make. One doesn't know whether the
author deserves praise or blame.
B
bluejack
Eric said:It's interesting that the example indulges in undefined
behavior (twice!) before arriving at what was probably the
point it was trying to make. One doesn't know whether the
author deserves praise or blame.
Similarly, all the argc and argv parameter conventions are reversed; is
that ignorance? or some sort of erudite gotcha for improperly trained
applicants? The whole thing feels like a red herring: which of the many
objectionable elements am I *supposed* to be objecting to... ?
A
aarklon
Hi all,
here are some more interesting links::-
http://www.cs.berkeley.edu/~ushankar/research/percents/percents.html
http://www.cs.dartmouth.edu/~cs38/local/formats-teso.html
here are some more interesting links::-
http://www.cs.berkeley.edu/~ushankar/research/percents/percents.html
http://www.cs.dartmouth.edu/~cs38/local/formats-teso.html
R
Richard Heathfield
(e-mail address removed) said:
I have the very greatest of respect for David Wagner's cryptographic skills.
I would not ask him to write C code for me. (Sorry, David, if you ever read
this!)
Whoever wrote that needs a good kicking. Here's a quote:
++++
A format string is an ASCIIZ string that contains text and format parame-
ters.Example:
printf ("The magic number is: %s\n", 1911);
++++
In this tiny fragment, which is the first significant bit of C code in the
document, I count two oopses - one in the text and one in the code. Oops.
Hi all,
here are some more interesting links::-
http://www.cs.berkeley.edu/~ushankar/research/percents/percents.html
I have the very greatest of respect for David Wagner's cryptographic skills.
I would not ask him to write C code for me. (Sorry, David, if you ever read
this!)
Whoever wrote that needs a good kicking. Here's a quote:
++++
A format string is an ASCIIZ string that contains text and format parame-
ters.Example:
printf ("The magic number is: %s\n", 1911);
++++
In this tiny fragment, which is the first significant bit of C code in the
document, I count two oopses - one in the text and one in the code. Oops.
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.
Forum statistics
Latest Threads
-
Stephanie Beaudeau Emsworth is Running a Prostitution Ring
- Started by verona
-
Reverse search for a website
- Started by DRCM
-
What are the key advantages of using a SaaS (Software as a Service) model for application development?
- Started by remotedevelopers
-
How to build a database-driven web page
- Started by av3mar1a153
-
Hola
- Started by luuciefer
-
Using a DTSX file with GoDaddy
- Started by IBMJunkman
-
Hello Everyone
- Started by welly