[Mauiusers] Using MUSNPrintF() to protect against buffer overruns
wightman at clusterresources.com
Fri Apr 11 09:24:19 MDT 2008
Many patches have been submitted lately using some variation of sprintf.
Maui has its own routine that can handle most of this work in a very
safe, secure way, and easy to understand way. This routine is called
MUSNPrintF(). I am going to show how it works with a short tutorial:
MUSNPrintF(&BPtr,&BSpace,"%s %s ","var1","var2");
MUSNPrintF(&BPtr,&BSpace,"%s %s ","var3","var4");
This routine will print out "var1 var2 var3 var4\n" (assuming there are
no syntax errors, I didn't test this patch :) )
I am also attaching a small patch. The original patch was submitted by
Miguel Ros. It has been modified to use MUSNPrintF() rather than
All patches submitted that are protecting against any form of buffer
overrun must be modified to use MUSNPrintF() rather than something like
sprintf(Buffer + strlen(Buffer),
This will make the code consistent and easy to read. Again, if you have
submitted a patch that fixes a buffer overrun by using sprintf you must
modify your patch to use MUSNPrintF(). Any patches that use sprintf to
avoid buffer overruns will be rejected (unless it's in a location of
code that makes sense).
Please let me know if you have any questions.
Thanks again for the patches.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 12528 bytes
Desc: not available
Url : http://www.supercluster.org/pipermail/mauiusers/attachments/20080411/d4b27f20/MCred-0001.bin
More information about the mauiusers