The Wrong Way To Fix Overflows

• The audit uncovered this little gem

• (I wish I could remember where):

• char dest[MAXLEN];

• strcpy( dest, input); /*** Wham! ***/

• if ( strlen(dest) >= MAXLEN) {

• /* handle error */

• Only safe error handling: immediately exit()

• Please don't do this