gnutls-devel

[sr #107522] Use of dangerous/banned functions


From: Jeffrey Walton
Subject: [sr #107522] Use of dangerous/banned functions
Date: Wed, 17 Nov 2010 03:52:31 +0000
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.2.12) Gecko/20101027 Ubuntu/10.04 (lucid) Firefox/3.6.12

Follow-up Comment #3, sr #107522 (project gnutls):

Attaching "Secure Portability" by Damien Miller. Miller lists systems which
include support for safer string handling functions such as strl* and
friends.

Bounds-checking interfaces are now included in the C1X draft dated 2010-10-04
(previously included via TR 24731-1, which was included in Annex K of an
earlier C1X draft). A link to the C1X draft (ISO/IEC 9899:201x) can be found
at http://www.open-std.org/Jtc1/sc22/wg14/www/projects. Grab the PDF for
N1516.

Links to TR 24731-1 (Extensions to the C Library Part I: Bounds-checking
interfaces) and TR 24731-2 (Extensions to the C Library - Part II: Dynamic
allocation functions) can be found at
http://www.open-std.org/Jtc1/sc22/wg14/www/projects. Grab the PDFs for N1225
and N1337.

The takeaway is that strlcpy and friends are almost ubiquitous on *nix, and
strcpy_s and friends will be standardized shortly.


    _______________________________________________________

Reply to this item at:

  <http://savannah.gnu.org/support/?107522>

_______________________________________________
  Message sent via/by Savannah
  http://savannah.gnu.org/
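
Added example, not part of the original message or of the GnuTLS code base: the two families of bounded copy mentioned above handle an oversized source differently, which determines what the caller must check. `copy_strl` and `copy_s` are hypothetical stand-ins written here with strlcpy-style and simplified strcpy_s-style semantics (no runtime-constraint handler, no overlap check), so the block builds on systems that ship neither function.

```c
#include <stdio.h>
#include <string.h>

/* Hypothetical helper with strlcpy semantics: copies at most dstsize-1
 * bytes, always NUL-terminates when dstsize > 0, and returns strlen(src)
 * so the caller detects truncation when the result is >= dstsize. */
static size_t copy_strl(char *dst, const char *src, size_t dstsize)
{
    size_t srclen = strlen(src);
    if (dstsize > 0) {
        size_t n = (srclen < dstsize - 1) ? srclen : dstsize - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Hypothetical helper in the style of strcpy_s (TR 24731-1), simplified:
 * it refuses to truncate. On failure it returns nonzero and leaves dst as
 * an empty string rather than a partial copy. */
static int copy_s(char *dst, size_t dstsize, const char *src)
{
    if (dst == NULL || dstsize == 0)
        return 1;
    if (src == NULL || strlen(src) >= dstsize) {
        dst[0] = '\0';
        return 1;
    }
    memcpy(dst, src, strlen(src) + 1);
    return 0;
}

int main(void)
{
    char buf[8];
    const char *input = "0123456789"; /* constructed sample, 10 chars */

    /* strl-style: silent truncation unless the return value is checked */
    size_t need = copy_strl(buf, input, sizeof buf);
    printf("strl-style: \"%s\" truncated=%d\n", buf, need >= sizeof buf);

    /* _s-style: the copy is rejected outright and buf is emptied */
    int rc = copy_s(buf, sizeof buf, input);
    printf("_s-style:   \"%s\" rc=%d\n", buf, rc);
    return 0;
}
```

Neither style is safe if the return value is ignored: the first leaves a silently shortened string, the second an empty one.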



