mirror of
https://github.com/nothings/stb
synced 2024-12-13 19:47:10 +03:00
Note insecurity of stb_sprintf
This commit is contained in:
parent
b5230e0685
commit
41a3179397
@ -15,7 +15,7 @@ int main(int argc, char **argv)
|
|||||||
for (i=0; i < listlen; ++i) {
|
for (i=0; i < listlen; ++i) {
|
||||||
int num,j;
|
int num,j;
|
||||||
char **tokens = stb_tokens_stripwhite(list[i], "|", &num); // stb_tokens -- tokenize string into malloced array of strings
|
char **tokens = stb_tokens_stripwhite(list[i], "|", &num); // stb_tokens -- tokenize string into malloced array of strings
|
||||||
FILE *g = fopen(stb_sprintf("../%s", tokens[0]), "rb"); // stb_sprintf -- sprintf to a temporary buffer (not threadsafe)
|
FILE *g = fopen(stb_sprintf("../%s", tokens[0]), "rb"); // stb_sprintf -- sprintf to a static temp buffer (not threadsafe or secure)
|
||||||
char buffer[256], *s1, *s2;
|
char buffer[256], *s1, *s2;
|
||||||
fread(buffer, 1, 256, g);
|
fread(buffer, 1, 256, g);
|
||||||
fclose(g);
|
fclose(g);
|
||||||
|
Loading…
Reference in New Issue
Block a user