[Openvas-devel] Unsafe code?

[Matthew Mundell]

> f = open("/proc/sys/net/ipv4/ip_default_ttl", O_RDONLY);
> if(f >= 0)
> {
>   char rd[20];
>   int r=read(f, rd, sizeof(rd) - 1);
>   close(f);
>   if(r>0)
>   {
>     rd[r]=0;
>     ttl = atoi(rd);

The read could be interrupted though, so at this point rd could hold less
than the full contents of the file.

>   }
>   else {
>     fprintf(stderr, "could not read default ttl\n");
>     ttl=-1; /* or whatever you want to do now */
> }
--
Intevation GmbH, Neuer Graben 17, 49074 Osnabrück | AG Osnabrück, HR B 18998
Geschäftsführer: Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner