"Secure coding" audit checkers and Kerberos
Tom Yu
tlyu at MIT.EDU
Wed Oct 15 17:14:16 EDT 2008
John Hascall <john at iastate.edu> writes:
>> On Wed, Oct 15, 2008 at 03:49:05PM -0500, John Hascall wrote:
>> > > I disagree with the "far more baggage" characterization. Particularly
>> > > if the alternative is to use memcpy() instead of strcpy().
>> >
>> > While I can certainly understand the visceral dislike of memcpy
>> > for string copies -- implementing every possible doohicky that
>> > can go in a (GNU extended) *printf format string is a whole lot
>> > of baggage.
>>
>> But you don't need to. You can implement asprintf() ontop of even an
>> old snprintf() -- just realloc() if snprintf() > the allocated buffer.
>
> 1) snprintf is also non-standard
snprintf is in C99. Is that good enough for "standard"?
> 2) there are some horrible snprintf's out there,
> including ones which do little more than call sprintf!
What platforms are these on? I think that we do not want to go to
extreme lengths working around vulnerabilities in OS C libraries.
More information about the krbdev
mailing list