Writing Secure C and Secure C Idioms
I think your sscanf example is wrong. It can still overflow when used that way. Try this, which specifies the maximum number of bytes to read:

    #include <stdio.h>

    int main(int argc, char **argv)
    {
        char buf[256];
        /* width 255 leaves room for the terminating NUL in buf[256] */
        sscanf(argv[0], "%255s", buf);
        return 0;
    }

Take a look at this IBM dev article about protecting against buffer overflows. In terms of testing, …
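An added example, not part of the original answer: the same bounded `%255s` read, extended to check the `sscanf` return value and to detect silent truncation with `%n`. The names `read_token`, `BUF_SIZE` and `FIELD_WIDTH` are hypothetical, and the input in `main` is constructed.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define BUF_SIZE    256
#define FIELD_WIDTH 255            /* must stay a plain literal: it is pasted into the format */
#define STR_(x) #x
#define STR(x)  STR_(x)

/* Fail the build if someone changes one constant without the other. */
_Static_assert(FIELD_WIDTH == BUF_SIZE - 1, "field width must leave room for the NUL");

/*
 * Reads one whitespace-delimited token from input into out (BUF_SIZE bytes).
 * Returns 0 on success, 1 if the token was longer than FIELD_WIDTH and was
 * cut short, -1 if input holds no token at all.
 */
int read_token(const char *input, char *out)
{
    int consumed = 0;

    out[0] = '\0';
    /* Format expands to " %255s%n": %s stores at most 255 chars plus the NUL. */
    if (sscanf(input, " %" STR(FIELD_WIDTH) "s%n", out, &consumed) != 1)
        return -1;

    /* If scanning stopped in the middle of a token, the width limit was hit. */
    unsigned char next = (unsigned char)input[consumed];
    if (next != '\0' && !isspace(next))
        return 1;
    return 0;
}

int main(void)
{
    char buf[BUF_SIZE];
    int rc = read_token("alpha beta", buf);   /* constructed sample input */

    printf("rc=%d token=%s\n", rc, buf);
    return 0;
}
```
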