ericappel.net - CPlusPlus

blog
projects
photography
archives
subscribe

About Me

Eric Appel is a Software Engineer, amateur photographer, and tech/web enthusiast. Eric develops ASP.NET websites for Intel Corporation, however, anything contained in this site is Eric's personal opinion and he does not speak for Intel in any way.

Writing past the end of your buffer October 29, 2005

CPlusPlus

1 Comments

Try to figure out what the problem is with the following C++ code. I've seen this bug in the wild, so I thought I'd share it with everyone.

    int number;
    char* buffer = new char[8]();
    _itoa(number,buffer,10);

The problem is that the character buffer is only 8 characters long. This means the buffer can store 7 digits plus the terminating null. A 32 bit int could potentially have many more than 7 digits, so the call to _itoa() could potentially write past the end of the buffer.