http://ask.metafilter.com/tags/sprintf Questions tagged with 'sprintf' at Ask MetaFilter. Sat, 09 Jun 2007 06:05:30 -0800 Sat, 09 Jun 2007 06:05:30 -0800 en-us http://blogs.law.harvard.edu/tech/rss 60 http://ask.metafilter.com/64414/How%2Dcan%2DI%2Davoid%2Dbuffer%2Doverflows%2Dwith%2DC Robust usage of sscanf and sprintf - how to avoid buffer overflows? I am sure this is embarrassingly simple, but all the tutorials I read always gloss over this aspect of sscanf and sprintf. How do I go about ensuring I don't encounter buffer overflows when using these two functions? I've read links like <a href="http://www.itworld.com/nl/lnx_sec/12182001/">these</a> that suggest truncating the data, but I don't want to do this. <a href="http://www.crasseux.com/books/ctutorial/String-overflows-with-scanf.html">This</a> link suggests using the "a" flag, but also says it's a GNU-only addition. <br> <br> How do programmes that don't have fixed-length strings operate? Surely our chat clients don't use fixed-length buffers? Help, Mefi! tag:ask.metafilter.com,2007:site.64414 Sat, 09 Jun 2007 06:05:30 -0800 buffer c overflow programming sprintf sscanf PuGZ