Hey, I gots a question.
in C im just writing a small little file input test program.
part of the code that is of importance follows
now my thoughts are: there is something wrong with giving the end user the power to choose name and length of filename. Is this true? and What if any checks can I put in place to keep that from being abused?
Thanks
in C im just writing a small little file input test program.
part of the code that is of importance follows
...
...
int inFile, outFile;
char *inFileName = argv[1];
char *outFileName = argv[2];
...
...
inFile = open(inFileName, O_RDONLY);
outFile = open(outFileName, O_WRONLY);
...
...
now my thoughts are: there is something wrong with giving the end user the power to choose name and length of filename. Is this true? and What if any checks can I put in place to keep that from being abused?
Thanks