[augeas-devel] Is aug_get safe for buffer overflow ?
Dominique Dumont
dominique.dumont at hp.com
Thu Jun 5 17:08:12 UTC 2008
Hello
I'm quite rusted in C, and I've finally managed to get aug_get working
in the Perl bindings I'm working on.
After some trial and errors, I've realised that I need to allocate the
char** passed to aug_get so that aug_set will store the data there.
In short:
char* c_value[100]; // 100 is completely arbitrary
int ret = aug_get(aug,path,c_value);
How can we protect from buffer overflow without passing a max length
to aug_get ?
(I'd rather raise this question ASAP as protecting aug_set will lead
to an API change)
HTH
--
Dominique Dumont
"Delivering successful solutions requires giving people what they
need, not what they want." Kurt Bittner
More information about the augeas-devel
mailing list