Subject: Re: buffer overflows in libsa
To: None <tech-kern@NetBSD.org>
From: Roland Illig <rillig@NetBSD.org>
List: tech-kern
Date: 08/24/2005 09:51:52

Roland Illig wrote:
> Hi all,
> 
> the stand-alone library still contains two functions with buffer 
> overflows, namely gets() and getpass(). To fix that, I have written the 
> appended patch.

I'm currently building NetBSD/alpha to test the effect on the code size. 
On i386 and sparc I could already reduce the code size so that the code 
_with_ the overflow checking is actually smaller than the old code 
without. So I'm confident we can have small _and_ secure code. :)

Roland