This is the mail archive of the libc-alpha@sources.redhat.com mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]

Re: PATCH: safe string copy and concetation

To: Christoph Hellwig <hch at ns dot lst dot de>
Subject: Re: PATCH: safe string copy and concetation
From: Kaz Kylheku <kaz at ashi dot footprints dot net>
Date: Tue, 8 Aug 2000 12:16:33 -0700 (PDT)
cc: MacGyver <macgyver at tos dot net>, libc-alpha at sources dot redhat dot com

On Tue, 8 Aug 2000, Christoph Hellwig wrote:

> What's more insecure ?
> 	a) having a well understood and documented function
> 	   in libc (or your support-library, which is based on
> 	   gnu oder bsd libc, I suppose)
> or
> 	b) pasting some application-specific routine from one
> 	   program to another and constantly modifing it for
> 	   your own purpose

This is what standards are for, like ANSI C, POSIX and The Single UNIX Spec.
The strlcpy and strlcat functions do not appear in these standards yet.  A
developer of portable applications currently has no choice but to implement
these functions, unless the program is only to compile and run on BSD.

In due time, it is likely that these functions will be standardized,
at which point glibc will simply have to adopt them.

References:
- Re: PATCH: safe string copy and concetation
  - From: Christoph Hellwig

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]