[sr #107522] Use of dangerous/banned functions
INVALID.NOREPLY at gnu.org
Wed Nov 17 01:09:00 CET 2010
Follow-up Comment #1, sr #107522 (project gnutls):
Forgot to mention....
I cited Apple's security guide because the table is compiled (so it offers
copy/paste convenience). Wheeler's security guide says about the same in more
words (Wheeler is more in depth because he also discusses other "safe"
libraries). And Microsoft has a succinct page: Security Development Lifecycle
(SDL) Banned Function Calls,
One fellow on [BuqTraq|FunSec|FullDisclosure] summed it up nicely, "there's
no reason to be using strcpy in 2010". (can't find the reference at the
Reply to this item at:
Message sent via/by Savannah
More information about the Gnutls-devel