8 Apr
2003
8 Apr
'03
1:13 p.m.
On 08/04/03 11:49 +0530, Tahir Hashmi wrote: <snip>
value of strlen(pname)+1, which causes the overflow.
^^^^^^^^^^^^^Just to highlight a bad practice that gives false sense of security :)
The bad practice was not validating the input and making sure it fitted in the assigned buffer. The new buffer was sizeof(original_buffer)+1
Devdas Bhagat