This is the mail archive of the libc-alpha@sources.redhat.com mailing list for the glibc project.



Re: PATCH: safe string copy and concetation


On 8 Aug 2000, Ulrich Drepper wrote:

> Date: 08 Aug 2000 09:43:59 -0700
> From: Ulrich Drepper <drepper@redhat.com>
> Reply-To: Ulrich Drepper <drepper@cygnus.com>
> To: Christoph Hellwig <hch@caldera.de>
> Cc: libc-alpha@sources.redhat.com
> Subject: Re: PATCH: safe string copy and concetation
> 
> Christoph Hellwig <hch@caldera.de> writes:
> 
> > this patch implements the string functions strlcat and
> > strlcpy for gnu libc.
> 
> This is horribly inefficient BSD crap.  Using these functions only
> leads to other errors.  Correct string handling means that you always
> know how long your strings are and therefore you can use memcpy
> (instead of strcpy).

These words make sense. The problem with strlcat and strlcpy is that they
assume that it's okay to arbitrarily discard data for the sake of preventing a
buffer overflow. The buffer overflow may be prevented, but because data may
have been discarded, the program is still incorrect.  This is roughly analogous
to clamping floating point overflow to DBL_MAX and merrily continuing 
in the calculation. ;)
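
The point argued in the message above, as an added example that is not part of the original thread or of the proposed glibc patch: a truncating copy can yield a different, still plausible string, while a length-aware `memcpy` copy refuses instead. `demo_strlcpy` is a local stand-in with strlcpy semantics, and `copy_exact` and the sample path are hypothetical names and constructed data.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Local stand-in with strlcpy semantics (hypothetical name): copies at most
   size-1 bytes, always NUL-terminates, returns strlen(src). */
static size_t demo_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);
    if (size != 0) {
        size_t n = len < size - 1 ? len : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;
}

/* Length-aware copy (hypothetical helper): the caller already knows src_len,
   so memcpy suffices. Returns 0, or -1 without touching dst if it won't fit. */
static int copy_exact(char *dst, size_t dst_size, const char *src, size_t src_len)
{
    if (src_len >= dst_size)
        return -1;
    memcpy(dst, src, src_len);
    dst[src_len] = '\0';
    return 0;
}

/* Constructed sample: a name whose suffix carries meaning (26 bytes). */
static const char SAMPLE[] = "/srv/upload/report.txt.bak";

/* 1 if the truncating copy silently produced a different, valid-looking name. */
static int truncation_changes_meaning(void)
{
    char buf[23];
    (void)demo_strlcpy(buf, SAMPLE, sizeof buf); /* result ignored here */
    return strcmp(buf, "/srv/upload/report.txt") == 0;
}

int main(void)
{
    char buf[23] = "";
    printf("truncated to a different name: %d\n", truncation_changes_meaning());
    printf("strlcpy-style return %zu >= %zu signals truncation\n",
           demo_strlcpy(buf, SAMPLE, sizeof buf), sizeof buf);
    printf("copy_exact: %d\n", copy_exact(buf, sizeof buf, SAMPLE, sizeof SAMPLE - 1));
    return 0;
}
```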

