I was called for a Code review and I saw some code as below:
To this I got the response from the programmer saying:I raised a comment saying, the code doesn't restrict the user from entering any number of arguments he/she wants to and if disguised well, this could account for a buffer overflow!
Now my question is, what would be the better way to go?Good Comment but the problem here is that the number of arguments that the program is accepting is variable and so I am finding it hard to implement.
Implementing a limit on the number of parameters that the user can send (there certainly has to be one as the code cant keep processing all possible values of argv, I know argv is not of constant size anyway.)
I have never seen va_args being used to work on arguments passed from the command line.