Hacker News new | ask | show | jobs
by shadytrees 6025 days ago
See also the C FAQ, which patiently devotes 24 questions to the topic. (You can almost tell just how frequently the question came up on the list.)

http://c-faq.com/aryptr/index.html
1 comments
weaksauce 6025 days ago
Is there another place that buffer overflows occur than in the char* with no bounds checking? If not, this single fact is the one that leads to so many of the software vulnerabilities in the wild.
link
tptacek 6025 days ago
Yes, memcpy overflows are just as common as strcpy overflows, and structure overflows are more common today than strings, if only because most of the trivial string stuff has been flushed out by now.
link
btilly 6025 days ago
There are others, but that case covers most of the ones seen in practice.
link