More thinking securely...

Max Laier max at love2party.net
Tue Dec 9 15:19:02 PST 2003


> :Would there be any value (right now) in moving away from unsafe/unbounded
> :string functions like OpenBSD (ex. strcopy->strlcpy) and the like?
> :
> :Cheers,
> :Ryan
>
>     Yes, there is definitely value in this sort of work, even for the
>     'safe' situations where old functions are used (like
>     sprintf(buf, "%d", v)), simply because then the audited and changed
>     functions will not show up in people's grep's for old functions
>     any more :-)
>
>     But the work must definitely be reviewed.  For every 50 string
functions
>     you replace you have a good chance at introducing 1 new bug :-)
>
> -Matt
> Matthew Dillon
> <dillon at xxxxxxxxxxxxx>

strl{cpy,cat} are not yet in the kernel, IIRC. Will we have them in a
libkern of some sort? Sure one can use the *nprint class functions, but
there is a point in the OpenBSD way and 5.x as well as NetBSD have binary
versions in the kernel.

Comments?

-Max <max at xxxxxxxxxxxxxx>







More information about the Kernel mailing list