Subject: Re: sprintf -> snprintf
To: George Michaelson <>
From: Jason Thorpe <>
List: current-users
Date: 09/20/1996 22:05:17
On Sat, 21 Sep 1996 14:54:47 +1000 
 George Michaelson <> wrote:

 > I don't have sources to hand. Is it even remotely plausible
 > to make removing sprintf and replacing with snprintf a goal?

sounds marvelous...

 > How about for nominated subsets of the code?

At the very least, all the setuid/setgid programs.

 > Seems to me like making buffer overrun attacks non-viable
 > would prevent a lot of angst later on... we have a volunteer?  :-)

 -- save the ancient forests - -- 
Jason R. Thorpe                             
NASA Ames Research Center                               Home: 408.866.1912
NAS: M/S 258-6                                          Work: 415.604.0935
Moffett Field, CA 94035                                Pager: 415.428.6939