How to prevent scanf causing a buffer overflow in C?
In their book The Practice of Programming (which is well worth reading), Kernighan and Pike discuss this problem, and they solve it by using snprintf() to create the string with the correct buffer size for passing to the scanf() family of functions. In effect:

    int scanner(const char *data, char *buffer, size_t buflen)
    {
        char format[32];
        …
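The technique described above, as an added example that is not the book's code or the code from the original answer: the format string is built with snprintf() so that the %s field width is always one less than the destination size. The function name bounded_scan_word, its return convention and the sample input are assumptions of this example.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper (name and return convention are assumptions of this
 * example): read one whitespace-delimited word from data into buffer,
 * never writing more than buflen bytes including the terminating NUL.
 * Returns 1 on success, 0 if no word was found, -1 on bad arguments. */
int bounded_scan_word(const char *data, char *buffer, size_t buflen)
{
    char format[32];
    int n;

    /* %s needs room for at least one character plus the NUL, and a field
     * width of 0 is not valid in a scanf format. */
    if (data == NULL || buffer == NULL || buflen < 2)
        return -1;

    /* Build "%<buflen-1>s": the width excludes the NUL that scanf appends. */
    n = snprintf(format, sizeof(format), "%%%zus", buflen - 1);
    if (n < 0 || (size_t)n >= sizeof(format))
        return -1;              /* the format itself would be truncated */

    buffer[0] = '\0';
    return sscanf(data, format, buffer) == 1 ? 1 : 0;
}

int main(void)
{
    /* Constructed input: the first word is longer than the 8-byte buffer. */
    char small[8];
    int rc = bounded_scan_word("AAAAAAAAAAAAAAAAAAAAAAAA tail",
                               small, sizeof(small));

    printf("rc=%d word=\"%s\" len=%zu\n", rc, small, strlen(small));
    return 0;
}
```

The word is cut at buflen - 1 characters rather than rejected, so a caller that must distinguish truncated input from complete input needs an additional length check on the source.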