Re: Possible buffer overflows = security problem?

[Florian Weimer <fw@deneb.enyo.de>]

Frank Lichtenheld <djpig@djpig.de> writes:

> char path[256];
> sprintf( path, "some string/%s", packagename);

> Is such code (away from the fact that it can easily lead to segfaults) a
> security problem?

In general, yes.