Wednesday, April 11, 2007

Buffer Overflow

Ok, a nice little post to remind myself not to be such a tard.

char *toPm = (char *)malloc(strlen(cd.nick) + strlen(message) + 6) ;

Looks fine, is fine; toPm was for the following operation:

sprintf(toPm, "%s  : %s\r\n", cd.nick, message) ;   /* note: two spaces before the ':' */

Now I counted up, checked everything, counted again and came to 6 extras both times: the space before the ':', the ':' itself, a space after, the \r, the \n and the null. Everything seemed fine. No: I was getting segfaults every now and then. Quite annoying. gdb to the rescue: the errors were in adding text to a wxTextCtrl, nowhere near the sprintf. Still couldn't find the problem. More digging ensued. Finally realised that there were two spaces before the damn ':'. That would screw it up: the sprintf wrote the null one byte past the end of the malloc'd block, a one-byte heap overflow that only showed up later as crashes in unrelated code. Changed to +7 in the malloc and all seems well. One moral to this story really.

USE SNPRINTF().........................

Should have learnt years ago, nm onwards and upwards.....
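As an added example (not code from the post), here is the same line built without hand-counting the literal characters: snprintf() sizes the buffer itself, and for a fixed-size buffer its return value reveals truncation instead of an overflow. The nick and message strings are constructed sample input.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
/* The post's format, with the two spaces before ':' that the hand count missed. */
static const char PM_FMT[] = "%s  : %s\r\n";

/* Size the buffer from the format itself: snprintf() with a NULL buffer and
 * size 0 returns the length the output would have, so nothing is counted by
 * hand. Returns 0 if snprintf() reports an error. */
size_t pm_buffer_size(const char *nick, const char *message)
{
    int needed = snprintf(NULL, 0, PM_FMT, nick, message);
    if (needed < 0)
        return 0;
    return (size_t)needed + 1;   /* +1 for the terminating NUL */
}

/* Allocates and fills the message line; caller frees. NULL on failure. */
char *format_pm(const char *nick, const char *message)
{
    size_t size = pm_buffer_size(nick, message);
    if (size == 0)
        return NULL;
    char *buf = malloc(size);
    if (buf == NULL)
        return NULL;
    snprintf(buf, size, PM_FMT, nick, message);   /* size is exact: no overflow */
    return buf;
}

/* Fixed-size case: snprintf() truncates and NUL-terminates instead of writing
 * past the end, and its return value (the untruncated length) reveals that.
 * Returns 1 if the output was truncated, 0 otherwise. */
int format_pm_into(char *buf, size_t size, const char *nick, const char *message)
{
    int needed = snprintf(buf, size, PM_FMT, nick, message);
    return needed < 0 || (size_t)needed >= size;
}

int main(void)
{
    char *pm = format_pm("alice", "hello");   /* constructed sample input */
    if (pm != NULL) {
        printf("%s", pm);
        free(pm);
    }
    char small[8];                             /* deliberately too small */
    printf("truncated=%d\n", format_pm_into(small, sizeof small, "alice", "hello"));
    return 0;
}
```

For "alice" and "hello" the computed size is 17 bytes, which is exactly strlen(nick) + strlen(message) + 7, the figure the post arrived at by trial and error.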
