:: Re: [DNG] C string handling
Página Principal
Delete this message
Reply to this message
Autor: Steve Litt
Data:  
Para: dng
Assunto: Re: [DNG] C string handling
On Sun, 23 Aug 2015 11:37:26 +0100
Edward Bartolo <edbarx@???> wrote:

> My 'irrational' choice of C language for backend.
>
> As a coder, I lack knowledge and experience. This is plain clear from
> the code I can write, but I offered my very limited coding
> capabilities to help, notwithstanding I knew, I would have been a
> dwarf among giants.


Your code was fine Edward. You used a few strcpy() instead of
strncpy(). Big deal --- it's less than an hour's work to fix it. You
used the literal SSID for a filename, creating an in for ESSID "; rm -r
$HOME". I'd like to criticize you for that, but that was *my* idea. So
I guess I'm a dwarf too. I'm not concerned: I make mistakes, that's why
my pencil has an eraser.

You may have made some other very esoteric "bad decisions" regarding
defending against very determined hackers. Fine: You got your code out
there, people warned you, you changed it.

You know who I think is the giant? The guy who actually writes the code
to do the job. The guys who find the mistakes are essential, but
they're supporting actors: The star is the guy who writes the code to
solve the problem.


SteveT

Steve Litt
August 2015 featured book: Troubleshooting: Just the Facts
http://www.troubleshooters.com/tjust