From: Michael R. <mr...@us...> - 2004-07-26 19:22:35
|
Hi, > > But will you find this problem: > > > > void some_function(char *user_input) > > { > > char string[1024]; > > sprintf(string, "user entered: %s", user_input); > > } > > > > Michael > > valgrind checks heap only, within my knowledge there is no good stack > debugger, and valgrind will never do stack checking... > > there are no requests for stack debugging, and even linus himself will > never allow a kernel-stack-debugger as a development tool; "you should > write good code in the first place and not rely on debuggers to find your > problems" This is in no way a stack specific problem, as I wrote earlier in this thread. Valgrind won't find this one either: void some_function(char *user_input) { char *string; string = (char *)malloc(1024); sprintf(string, "user entered: %s", user_input); } It will only find the overflow when it actually happens (meaning: the user actually entered more than 1009 characters). Michael -- Accountants ask, "How much is it?" Scientists ask, "Why does it work?" Engineers ask, "How does it work?" Liberal Arts majors ask, "Would you like fries with that?" |