It is a story of a programmer who is dead by the deadlines.
He writes the code quickly to meet the deadline just to get another deadline.
One day someone told his boss a tale about the devilish buffer overflow. The boss gives orders to fix all the buffer overflows by using strlcat instead of strcat, and to run a code checker over the code. :)
The poor programmer got yet another deadline. He obeys the boss, and here is the code he wrote:
#include <stdio.h>
#include <stdlib.h>
#include <string.h>   /* strlcat: BSD libc, glibc 2.38+ (else <bsd/string.h>) */

#undef BUFSIZ         /* <stdio.h> already defines BUFSIZ */
#define BUFSIZ 100
int main()
{
    char * response;
    response = (char *) malloc (sizeof(char) * BUFSIZ);
    char input[50];
    printf("Enter your first name:");
    scanf("%49s",input);
    strlcat(response, input, BUFSIZ);
    printf("Enter your middle name:");
    scanf("%49s",input);
    strlcat(response, input, BUFSIZ);
    printf("Enter your last name:");
    scanf("%49s",input);
    strlcat(response, input, BUFSIZ);
}
Do you think this guy needs to be corrected?
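An added example, not part of the original post: strlcat needs a NUL-terminated destination and reports truncation through its return value, and the code above provides neither an initialized buffer nor a check. The sketch below uses a stand-in `demo_strlcat` with the BSD contract (an assumption, so it builds without a libc strlcat) and the hypothetical helpers `build_name` and `append_to_garbage`; the names and the 'X'-filled buffer are constructed.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Stand-in with the BSD strlcat contract (assumption: used so the example
 * builds where libc has no strlcat). A result >= size means truncation. */
static size_t demo_strlcat(char *dst, const char *src, size_t size)
{
    size_t dlen = 0, slen = strlen(src);
    while (dlen < size && dst[dlen] != '\0')  /* find dst's NUL within size */
        dlen++;
    if (dlen == size)              /* no NUL: dst is not a string, */
        return size + slen;        /* so nothing gets appended     */
    size_t room = size - dlen - 1;
    size_t n = slen < room ? slen : room;
    memcpy(dst + dlen, src, n);
    dst[dlen + n] = '\0';
    return dlen + slen;
}

/* Hypothetical helper: join three name parts, NULL on failure or truncation. */
char *build_name(const char *first, const char *mid, const char *last, size_t size)
{
    const char *parts[3] = { first, mid, last };
    char *out = malloc(size);
    if (out == NULL || size == 0) { free(out); return NULL; }
    out[0] = '\0';                 /* the initialization the post's code lacks */
    for (int i = 0; i < 3; i++)
        if (demo_strlcat(out, parts[i], size) >= size) { free(out); return NULL; }
    return out;
}

/* Constructed stand-in for malloc garbage: a buffer holding no NUL byte. */
size_t append_to_garbage(const char *src, size_t size)
{
    char *buf = malloc(size);
    if (buf == NULL) return 0;
    memset(buf, 'X', size);
    size_t r = demo_strlcat(buf, src, size);
    free(buf);
    return r;
}

int main(void)
{
    char *name = build_name("Ada", "King", "Lovelace", 100);
    printf("%s / garbage dst: %zu\n", name ? name : "(truncated)", append_to_garbage("Ada", 100));
    free(name);
}
```

With real malloc output the garbage may contain a NUL somewhere inside the buffer, in which case the name is appended after whatever bytes precede it rather than dropped.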
1 comment:
I guess the code doesn't have a buffer overflow. God saved the poor programmer.
-Alpha0