[Solved] buffer overflow Identification in the code

Question

 1. while ((buffer[i++] = getchar()) != '\n')

You have to be sure that the number of characters being entered is less than 4096. Else you have a buffer overflow. While reading until the end of the line it would be better to use fgets() which is much safer.

2. strcpy(newbuffer,buffer);

What if your array buffer is filled then you have a buffer overflow because newbuffer can’t hold 4096.Use some safer function here also in order to handle buffer overflow like snprintf()

Accepted Answer

 1. while ((buffer[i++] = getchar()) != '\n')

You have to be sure that the number of characters being entered is less than 4096. Else you have a buffer overflow. While reading until the end of the line it would be better to use fgets() which is much safer.

2. strcpy(newbuffer,buffer);

What if your array buffer is filled then you have a buffer overflow because newbuffer can’t hold 4096.Use some safer function here also in order to handle buffer overflow like snprintf()