"Secure coding" audit checkers and Kerberos
Nicolas Williams
Nicolas.Williams at sun.com
Wed Oct 15 16:35:38 EDT 2008
On Wed, Oct 15, 2008 at 03:16:06PM -0500, John Hascall wrote:
>
> > asprintf(&buf, "%s%s%s", s1, s2, s3);
> > if (buf == NULL)
> > return ENOMEM;
> > Love
>
> asprintf is a non-standard, and therefore
> sub-optimally portable, GNU extension --
> so you're still stuck writing something else
> (perhaps your own asprintf implementation,
> which is far more baggage than one needs
> to concat a few strings).
I disagree with the "far more baggage" characterization. Particularly
if the alternative is to use memcpy() instead of strcpy().
More information about the krbdev
mailing list