...
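```c
#include <stdio.h>

void func(const char *name) {
  char filename[128];
  /* snprintf never writes more than sizeof(filename) bytes, terminator included */
  int result = snprintf(filename, sizeof(filename), "%s.txt", name);
  /* result is the length that would have been written, or negative on error */
  if (result < 0 || (size_t)result >= sizeof(filename)) {
    /* error or truncation occurred */
  }
}
```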
Risk Assessment
Copying string data to a buffer that is too small to hold that data results in a buffer overflow. Attackers can exploit this condition to execute arbitrary code with the permissions of the vulnerable process.
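The `snprintf` truncation check above, generalized into a helper and exercised at the exact boundary of the 128-byte buffer. This is an added example, not code from the original page. The names `build_filename` and `try_name_of_length` are hypothetical and the input names are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (not from the original page): writes "<name>.txt"
 * into dst. Returns 0 on success, -1 on error or truncation. On failure
 * dst is left as an empty string so a clipped file name is never used. */
int build_filename(char *dst, size_t dstsz, const char *name) {
  if (dst == NULL || dstsz == 0 || name == NULL) {
    return -1;
  }
  int n = snprintf(dst, dstsz, "%s.txt", name);
  /* n < 0: output error. n >= dstsz: the result did not fit, because
   * snprintf reports the length it would have written. */
  if (n < 0 || (size_t)n >= dstsz) {
    dst[0] = '\0';
    return -1;
  }
  return 0;
}

/* Constructed input: a name made of len 'a' characters, formatted into a
 * 128-byte buffer like the one used in func(). */
int try_name_of_length(size_t len) {
  char name[256];
  char filename[128];
  if (len >= sizeof(name)) {
    return -1;
  }
  memset(name, 'a', len);
  name[len] = '\0';
  return build_filename(filename, sizeof(filename), name);
}

int main(void) {
  /* 123 + strlen(".txt") = 127 characters; with the terminator that
   * fills the 128-byte buffer exactly. One more character is rejected. */
  printf("len 123 -> %d\n", try_name_of_length(123));
  printf("len 124 -> %d\n", try_name_of_length(124));
  return 0;
}
```

Rejecting the truncated result matters for file names in particular: a silently clipped name can refer to a different file than the caller intended.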
...