[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: Theo chiming in on strlcpy
On Sat, Dec 21, 2013 at 08:22:05PM +0100, Marc Espie wrote:
> > > Oh, you can borrow from us (for the "recognizing bad code"), we've
> > > been patching the compiler and the libc to warn about strcpy and
> > > friends for years. (the compiler, because otherwise, the built-ins
> > > tend to vanish)
> > Right, because all uses of strcpy are bad. Yeah.
> No, only about 99% of them. There are many many developers out there,
> and most of them don't know how to write reasonably secure code.
> Yeah, you're probably the 1% that uses strcpy correctly the first time.
> But think about it. Less gifted developers are going to use it incorrectly.
> Or go write impossible-to-audit messes.
> I prefer having my code go 0.5% less fast, but not to have to spend hours
> auditing wacky wacky wacky string stuff.
Not only have I thought about it, I've been patching insecure code as
long as just about anyone. I just don't happen to agree with your
David A. Holland
Main Index |
Thread Index |