potential hazard in Str.c++

To: flexfax@sgi.com
Subject: potential hazard in Str.c++
From: Michael Douglass <mikedoug@texas.net>


There are two big potential problems with fxStr::format and
fxStr::vformat.  Copiees of the functions are supplied here.
This comes from hylafax v4.0p1

First of all is the potential (but not what prompted me to write) for a
buffer-overflow.  You may want to check for the existance of vsnprintf
or __vsnprintf and use those in place of vsprintf.

Secondly, and most importantly, is that you are returning a pointer
to an automatic buffer which is not guarunteed to be there any longer.
In fact, certain programming practices in C++ make it a pretty darned
good reality that they won't exist!  Never return the address of
an automatic variable--the value, sure--but never the address.  This
space either needs to have static allocation or dynamic allocation that
must then be freed later.

fxStr
fxStr::format(const char* fmt ...)
{
    char buf[4096];
    va_list ap;
    va_start(ap, fmt);
    vsprintf(buf, fmt, ap);
    va_end(ap);
    return fxStr(buf);
}

fxStr
fxStr::vformat(const char* fmt, va_list ap)
{
    char buf[4096];
    vsprintf(buf, fmt, ap);
    return fxStr(buf);
}

-- 
Michael Douglass
Texas Networking, Inc.

   "I broke perl again"
  -- Anonymous TexasNet sysadmin

-----End of forwarded message-----

-- 
Michael Douglass
Texas Networking, Inc.

  "Hrmmmmm."

Prev by Date: No Subject
Prev by thread: Re: potential hazard in Str.c++
Next by thread: Modem Garbage: Phase B Error (20)
Index(es):
- Main
- Thread

Report any problems to webmaster@hylafax.org

HylaFAX is a trademark of Silicon Graphics Corporation.
Internet connectivity for hylafax.org is provided by:
VirtuALL Private Host Services