Anno domini 2023 Mon, 8 May 23:57:00 -0700 Mike Bird via tde-devels scripsit:
On Mon May 8 2023 23:41:03 Dr. Nikolaus Klepp via tde-devels wrote:
https://dwheeler.com/secure-programs/Secure-Programs-HOWTO/dangers-c.html
Sorry to spoil the party, but on this page contains errors (I have not read further ) "read(fd, &len, sizeof(len));" is utterly BS.
That's a perfectly reasonable way to read a binary integer into len if you know that the integer to be read is compatible with the size_t of the arch. For example if you are merely piping data between parent and child processes.
It's a good way to call for trouble when you have mixed architecture, which is by no means a outerworldisch thing today. If you control both sides of the pipe and you spoiled your own protocol ... don't know what to say, that would have been wrong anyways.
However the result of the read should have been checked and then the data read into len should also have been thoroughly checked.
The examples exist to point out the dangers of not validating lengths and of confusing size_t, int, and unsigned int - all of which may be different.
--Mike ____________________________________________________ tde-devels mailing list -- devels@trinitydesktop.org To unsubscribe send an email to devels-leave@trinitydesktop.org Web mail archive available at https://mail.trinitydesktop.org/mailman3/hyperkitty/list/devels@trinitydeskt...
-- Please do not email me anything that you are not comfortable also sharing with the NSA, CIA ...