OWASP says:
"C library functions such as strcpy (), strcat (), sprintf () and vsprintf () operate on null terminated strings and perform no bou
I have pretty much given a small example of how you could get rid of the buffer size declaration for the sprintf (if you intended to, of course!), with no snprintf involved.
Note: This is an APPEND/CONCATENATION example, take a look here
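An added example, not code from the original post or the poster's own example: one way to append strings in C without declaring a fixed buffer size and without snprintf, by measuring both strings and growing a heap allocation to the exact size needed. The names `str_append` and `join_parts` and the sample strings are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: append src to the heap string *dst, growing the
 * allocation to exactly the size required. *dst may be NULL (treated as
 * empty). src must not point into *dst, because realloc may move the block.
 * Returns 0 on success, -1 on error; on error *dst is unchanged and valid. */
int str_append(char **dst, const char *src)
{
    if (dst == NULL || src == NULL)
        return -1;

    size_t old_len = (*dst != NULL) ? strlen(*dst) : 0;
    size_t add_len = strlen(src);

    /* Reject lengths whose sum plus the terminator would wrap size_t. */
    if (add_len > SIZE_MAX - old_len - 1)
        return -1;

    char *grown = realloc(*dst, old_len + add_len + 1);
    if (grown == NULL)
        return -1;                      /* original block is untouched */

    /* Copy add_len bytes plus the terminating '\0' in one bounded copy. */
    memcpy(grown + old_len, src, add_len + 1);
    *dst = grown;
    return 0;
}

/* Join parts whose total length is not known when the code is written.
 * Returns a heap string the caller must free, or NULL on failure. */
char *join_parts(const char *const *parts, size_t count)
{
    char *out = calloc(1, 1);           /* start from an empty string */
    if (out == NULL)
        return NULL;

    for (size_t i = 0; i < count; i++) {
        if (str_append(&out, parts[i]) != 0) {
            free(out);
            return NULL;
        }
    }
    return out;
}
```

Unlike strcat() into a fixed array, the destination can never be smaller than the data written to it, because its size is derived from the measured lengths on every call.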