On Dienstag, 13. November 2018 20:30:06 CET Vincent Povirk wrote:

> > > To my knowledge, a .NET class name has no maximum size.

> >

> > Yeah, but we already had a fixed size buffer for that, so I figured I

> > could leave it like that.

> It's OK to have a fixed size buffer, but we need to make sure copying

> the class name doesn't overrun the buffer.

>

> > > This also

> > > passes in a size for the filename but doesn't fully check it.

> >

> > What exactly has to be checked?

>

> You append to the path without checking that the string will fit.

Makes sense, thanks!

Regards,

Fabian Maurer