In depth analysis of unsafe sprintf and strcpy in C
- 2020-04-02 00:43:38
- OfStack
After tracing and debugging, many bugs were issued from functions such as sprintf and strcpy that may create buffer overflows.
All sprintf should be replaced with snprintf.
Replace strcpy with strncpy and set the end byte to ''\0' .
All sprintf should be replaced with snprintf.
Replace strcpy with strncpy and set the end byte to ''\0' .
strncpy(buf, str, len);
buf[len] = 0;