@hal_pomeranz I don't remember much C, but isn't sprintf vulnerable to overflows?
@tootsierollpop8 Oh crap, that's sprintf()-- yeah vulnerable. snprintf() is the safe version.
@hal_pomeranz One letter difference... whoever came up with that didn't think that through very well...
@tootsierollpop8 Different argument vector too. snprintf() includes a parameter for length of buffer.
Oct 24, 2015 · 7:53 AM UTC
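The length parameter mentioned in the thread, shown as an added example that is not part of the original tweets: a bounded formatting helper that passes the buffer size to snprintf() and treats truncation as a failure. The helper name `format_user`, the format string and the sample names are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper for this example. The unbounded form, for comparison,
 * writes past dst when name is long, because sprintf() is never told how
 * big dst is:
 *     sprintf(dst, "user=%s", name);
 */

/* Returns 0 if the whole string fit, -1 if it was truncated or on error. */
int format_user(char *dst, size_t dstsz, const char *name)
{
    if (dst == NULL || dstsz == 0 || name == NULL)
        return -1;

    /* snprintf() writes at most dstsz bytes, including the terminating NUL,
     * and returns the length the complete output would have had. */
    int n = snprintf(dst, dstsz, "user=%s", name);

    if (n < 0)
        return -1;              /* output error */
    if ((size_t)n >= dstsz)
        return -1;              /* truncated: dst holds a cut-off string */
    return 0;
}

int main(void)
{
    char buf[16];
    /* Constructed sample inputs: one that fits, one that does not. */
    const char *names[] = { "hal", "a-name-longer-than-the-buffer" };

    for (size_t i = 0; i < 2; i++) {
        int rc = format_user(buf, sizeof buf, names[i]);
        printf("rc=%d buf=\"%s\" (len %zu)\n", rc, buf, strlen(buf));
    }
    return 0;
}
```

Checking the return value matters because a silently truncated string stays inside the buffer but may no longer mean what the caller intended.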


