13 | | In the above example the szMsg and szID character arrays are each allocated 10 bytes. C strings require a null character at the end to tell various functions such as strcpy when to stop copying. This means szMsg and szID can have a maximum of 9 characters each. If the strcpy(szID, "123") is changed to strcpy(szID, "1234567890") the compiler will generate code that writes the null character into an invalid memory location and this may crash the indicator immediately, or it may not cause a crash until some other time in execution when that memory location becomes important. Also note that if the strcpy is changed to strcpy(szID, "123456") szID will not overflow, but szMsg will overflow in the sprintf statement that follows. |
| 13 | In the above example the szMsg and szID character arrays are each allocated 10 bytes. C strings require a null character at the end to tell various functions such as strcpy when to stop reading characters. This means szMsg and szID can have a maximum of 9 characters each. If the strcpy(szID, "123") is changed to strcpy(szID, "1234567890") the compiler will generate code that writes the null character into an invalid memory location. When the program is executed this may crash the indicator immediately, or it may not cause a crash until some other time in execution when that memory location becomes important. If the strcpy is changed to strcpy(szID, "123456") szID will not overflow, but szMsg will overflow in the sprintf statement that follows. |
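Review bot: The revised sentence "the compiler will generate code that writes the null character into an invalid memory location" is imprecise in both revisions: with strcpy(szID, "1234567890") the terminating null is written by strcpy at run time, one byte past the end of the 10-byte szID array, and that byte normally belongs to whatever is stored next to szID rather than to an invalid address. Suggest wording it as "strcpy writes the null character one byte past the end of szID, corrupting adjacent memory", which also explains the delayed-crash case the paragraph goes on to describe. The new "when to stop reading characters" is an improvement over "when to stop copying". Since the paragraph already shows that both strcpy and the following sprintf can overrun a 10-byte buffer, consider closing with a sentence recommending a size-bounded call such as snprintf(szMsg, sizeof(szMsg), ...) so that over-long input is truncated instead of overflowing.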