[asterisk-dev] [svn-commits] jpeeler: branch 1.6.2 r303677 - in /branches/1.6.2: ./ apps/app_voicemail.c
davies147 at gmail.com
Tue Feb 8 11:44:32 CST 2011
On 8 February 2011 16:48, Tilghman Lesher <tilghman at meg.abyt.es> wrote:
> On Tuesday 08 February 2011 06:04:26 Steve Davies wrote:
>> > 3) The %30d can potentially overflow an 'int' type. Is it safer to use
>> > %9d, which will always fit?
> No, it cannot. The purpose of specifying the 30 maximum characters is to
> limit the number of characters in the input string that sscanf will accept
> before shutting off input. There is a bug on some platforms where this
> string can overflow the length of an internal buffer when the maximum input
> length is not specified. However, the 'd' specifier limits the highest
> value, not the length of the string.
Thanks for taking the time to explain that :)
More information about the asterisk-dev