httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Paul Richards <>
Subject Re: Possible security problem in referer_log_transaction... ? (fwd)
Date Mon, 18 Dec 1995 23:41:55 GMT
In reply to Ben Laurie who said
> I did say "check length", not "arbitrarily truncate". I would consider a
> suitable response to length overflow to be to log an error and die. Good design
> is all very well, but the design needs checking.

Ok, I responded to your message with some points that related to Sameer's
call to ban sprintf. Relying on snprintf to truncate long strings is not
good design :-)

  Paul Richards. Originative Solutions Ltd.
  Phone: 0370 462071 (Mobile), +44 1225 447500 (work)

View raw message