Re: [ros-dev] [ros-diffs] 01/01: [WINLOGON] Clean up part 2 - Replace the UNICODE_STRING usMessage by a PWSTR pszMessage. - Use the "%02d:%02d:%02d" time format and get rid of the safe string printf because the string will NEVER be longer than 8 characters. - Rename the timer id constant because it is NOT a resource id. - Rename variables according to the coding style.

2 Apr 2018

Hey Eric,

On 2018-04-02 12:58, Eric Kohl wrote:
...
  -    RtlStringCbPrintfW(strbuf, sizeof(strbuf),
L"%d:%d:%d", hours, minutes, seconds);
 +    swprintf(szBuffer, L"%02d:%02d:%02d", iHours, iMinutes, iSeconds); 
Unfortunately I must disagree with this change.

Buffer overflows are a big enough threat that code review and
static analysis are not generally considered sufficient to protect
against them.
So it's best practice for new code to always verify sizes at run-time,
and never to use s(w)print.

Best regards,
Thomas

PS: from what I see, iHours can be as large as 1193046, which won't
     fit in 2 digits

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004