(Off Topic) Re: problem with using socket from SDL_Net SDLNet_TCP_Accept

Slightly off-topic (but I’m sending it to the list because everybody should
know this!):

When using *scanf to read a string, always make sure you use the "%NNNs"
format specifier, where ‘NNN’ is the length of the character buffer you are
passing in. Especially when we’re talking about networking code. Laziness
and being less-than-specific are some of the quickest ways to creating
buffer-overflow bugs and vulnerabilities (the only quicker way is to
purposefully create one).

Here’s a link to the best list of anti-buffer-overflow tips I’ve found:
http://www.ibm.com/developerworks/library/s-buffer-defend.htmlhttp://www-128.ibm.com/developerworks/library/s-buffer-defend.html

  • Silicon