[sr #107522] Use of dangerous/banned functions
Jeffrey Walton
INVALID.NOREPLY at gnu.org
Wed Nov 17 04:52:31 CET 2010
Follow-up Comment #3, sr #107522 (project gnutls):
Attaching "Secure Portability" by Damien Miller. Miller lists systems which
include support for safer string handling functions such as strl* and
friends.
Bounds-checking interfaces are now included in the C1X draft dated 2010-10-04
(previously included via TR 24731-1, which was included in Annex K of an
earlier C1X draft). A link to the C1X draft (ISO/IEC 9899:201x) can be found
at http://www.open-std.org/Jtc1/sc22/wg14/www/projects. Grab the PDF for
N1516.
Links to TR 24731-1 (Extensions to the C Library Part I: Bounds-checking
interfaces) and TR 24731-2 (Extensions to the C Library - Part II: Dynamic
allocation functions) can be found at
http://www.open-std.org/Jtc1/sc22/wg14/www/projects. Grab the PDFs for N1225
and N1337.
The takeaway is that strlcpy and friends are almost ubiquitous on *nix, and
strcpy_s and friends will be standardized shortly.
_______________________________________________________
Reply to this item at:
<http://savannah.gnu.org/support/?107522>
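
The two families named in the message above handle an oversized source differently: strlcpy truncates and reports the source length, while strcpy_s refuses the copy. The following is an added example, not part of the original message or of GnuTLS; `example_strlcpy` and `example_strcpy_s` are hypothetical fallbacks written for illustration, and the errno values returned are an assumption.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* strlcpy-style contract: copy at most size-1 bytes, always NUL-terminate
 * when size > 0, and return strlen(src). Truncation occurred if ret >= size. */
size_t example_strlcpy(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);
    if (size > 0) {
        size_t n = srclen < size - 1 ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* strcpy_s-style contract: never truncate. If src does not fit, leave dst
 * as an empty string and return nonzero. The Annex K version also invokes a
 * runtime-constraint handler and rejects overlap; both are omitted here. */
int example_strcpy_s(char *dst, size_t dstsz, const char *src)
{
    size_t n = 0;
    if (dst == NULL || dstsz == 0)
        return EINVAL;
    if (src == NULL) {
        dst[0] = '\0';
        return EINVAL;
    }
    while (n < dstsz && src[n] != '\0')   /* bounded length scan */
        n++;
    if (n == dstsz) {                     /* no room for the terminator */
        dst[0] = '\0';
        return ERANGE;
    }
    memcpy(dst, src, n + 1);              /* includes the NUL */
    return 0;
}

int main(void)
{
    char buf[8];                          /* constructed sample buffer */
    size_t r = example_strlcpy(buf, "gnutls-devel", sizeof buf);
    printf("strlcpy: \"%s\" truncated=%d\n", buf, r >= sizeof buf);
    int e = example_strcpy_s(buf, sizeof buf, "gnutls-devel");
    printf("strcpy_s: \"%s\" error=%d\n", buf, e != 0);
    return 0;
}
```

With either interface the caller must check the return value; a silently truncated string can be as harmful as an overflow when it names a host or a path.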