Trend Micro: Open source is more secure | TalkBack on ZDNet

On TechRepublic: 10 cool USB flash drive tricks

BNET Business Network:: BNET; TechRepublic; ZDNet

TalkBack 44 of 62:: Next »; « Previous

Thread View
Flat View

yes...but: Yours will compile to assembly because you are actually changing something. but if re-written the way "whats his name" did it so it actually compiles would not produce any assembly by a good compiler/linker. The last strcpy would just move what's pointed to by fname into whats pointed to by filename so the function does nothing, no assembly or even a call to this function is needed since the result is the 2nd parameter passed. (BTW: strcpy will copy the null terminator from the origin, I understand why you wanted to firewall it but strcpy would blow chunks of fname isn't null terminated anyway) I think a better firewall is to not assume fname is limited to the length of MAX_PATH to begin with.

like so
char* myFunction(char *path, char *fname)
{
char* filename = (char*) malloc(sizeof(char*)*MAX_PATH); //corrected

strcpy(filename, path);
strcpy(filename, "\\"); //corrected
strcpy(filename, fname);

return filename;
}; Posted by: LinuxHippie Posted on: 06/14/06 You are currently: a Guest | Members login | Terms of Use

Reply to Story No further replies to this post will be accepted.

Alert moderator to an offensive message

Subscribe to this discussion via Email or RSS

Trend Micro: Open source is more secure Loverock Davidson | 06/13/06

Loverock Davidson tried to make a funny............... Can you hear me | 06/13/06

It was funny Loverock Davidson | 06/13/06

Funny Richard Flude | 06/13/06

RE: Funny richdave | 06/13/06

Yeah Loverock Davidson | 06/13/06

Funny when I explain why Loverock Davidson | 06/13/06

BSD put a fork in it - never mind, already done. Roger Ramjet | 06/14/06

Now now Loverock Davidson | 06/14/06

I know you are, but what am I? Roger Ramjet | 06/14/06

Yep Loverock Davidson | 06/14/06

Find out what you're talking about bportlock | 06/14/06

You need to know what your talking about Loverock Davidson | 06/14/06

PLEASE!!! Stop feeding this troll! linux for me | 06/14/06

Stop feeding yourself? Loverock Davidson | 06/14/06

I agree mostly Roger Ramjet | 06/14/06

Does it bother you Loverock Davidson | 06/14/06

Roger... Tony Agudo | 06/14/06

Making fun of "stupid" is entertaining Roger Ramjet | 06/14/06

Also could be said Loverock Davidson | 06/14/06

dude - lovey is a girl not of this world | 06/14/06

I just happened to do updates on both an XP box and Linux box this morning George Mitchell | 06/14/06

You forgot one thing NonZealot | 06/14/06

You have the option to choose Loverock Davidson | 06/14/06

Not on updates marked critical when using 'Express Update' George Mitchell | 06/14/06

Great Boot_Agnostic | 06/13/06

The problem is still the number of new lines of code in Vista. Yes, they DonnieBoy | 06/13/06

please talk sense zzz1234567890 | 06/13/06

You mean... Henrik Moller | 06/13/06

Shoot, you beat me to it! Tony Agudo | 06/13/06

Since.... LinuxHippie | 06/14/06

You're close... Tony Agudo | 06/14/06

I noticed decon backed out Linux User 147560 | 06/14/06

I would hardly call that OS code code_Warrior | 06/14/06

I do know to read and write code. Do *nix fanboys know (including DonnieBoy zzz1234567890 | 06/14/06

You had to refer a book? Tony Agudo | 06/14/06

hey.... finally someone answers zzz1234567890 | 06/14/06

Actually... LinuxHippie | 06/14/06

Have you STILL not done your homework?? Zogg | 06/14/06

none from the open source community could answer this zzz1234567890 | 06/14/06

Actually... LinuxHippie | 06/14/06

Re: Actually... Tony Agudo | 06/14/06

Extra correction Tony Agudo | 06/14/06

yes...but LinuxHippie | 06/14/06

There's a problem with your version... Tony Agudo | 06/14/06

I think they were busy laughing at the "sophistication" of the Q... wink

wink

n michael_t | 06/15/06

too bad Linux aint as good zzz1234567890 | 06/14/06

TrendMicro feeling the heat zzz1234567890 | 06/13/06

let see here zzz1234567890 | 06/13/06

The Barbie Principle of Security michael_t | 06/13/06

you missed the point zzz1234567890 | 06/13/06

I'm curious zkiwi | 06/13/06

Security of Trend products. dtbullock | 06/14/06

All Hail King Tux ! st!lborn | 06/14/06

Forking as a security enhancement Roger Ramjet | 06/14/06

Anyone who uses OSS knows it's true Chad_z | 06/14/06

Hey I'm an MCSE voska | 06/14/06

asinine comment Flybyte | 06/14/06

And Trend is known for being a solid, reliable company. HypnoToad | 06/14/06

dinosaurs were a strong, powerful creatures zzz1234567890 | 06/14/06

"Open source is more secure" is NOT NEWS really. michael_t | 06/14/06

Pls slow down there fella's! What's the hurry happy

happy

.... ! michael_t | 06/15/06

What do you think?

SponsoredWhite Papers, Webcasts, and Downloads

Building the Virtualized Enterprise with VMware Iinfrastructure VMware VMware virtualization software has been adopted by over 120,000 enterprise ... Download Now
Server Consolidation and Containment With Virtual Infrastructure VMware To meet the constant demand to deploy, maintain and grow a broad array of ... Download Now
Five Steps to Determine When to Virtualize YourServers VMware Server virtualization isn't just for big companies. Entry-level ... Download Now

Premier Vendor Content Whitepapers, webcasts & resources from our Power Center Sponsors

Popular Sanity Saver Videos

Blogs

Product Reviews

Videos

White Papers and Webcasts

Downloads

More