sprintf vulnerabilities

In the previous example, argv[0] is used to quote the program’s name.
- argv[0] is actually supplied as a parameter to the kernel function “execve”. There is no limit to it’s length.
sprintf buffer-overrun vulnerabilities usually stem from two sources:
- Formatting user supplied arguments, or environment variables (registry).
- incorrect calculation of total buffer length when combining buffers.

In the previous example, argv[0] is used to quote the program’s name.