Subject: Re: CVS commit: src/sys/arch/i386
To: Bill Squier <groo@old-ones.com>
From: Bill Studenmund <wrstuden@netbsd.org>
List: source-changes
Date: 04/21/2004 22:25:29

On Wed, Apr 21, 2004 at 11:35:37PM -0400, Bill Squier wrote:
> On Thu, Apr 22, 2004 at 12:34:52AM +0000, Jun-ichiro itojun Hagino wrote:
> >
> > Log Message:
> > sprintf -> snprintf
> >
>
>
> I have decided to further secure NetBSD by changing all the instances of
> the word 'sprintf' in your log messages to 'snprintf'.
>
> All kidding aside, don't you feel that some of these changes are a waste of
> your valuable time?  Many of these changes are in device drivers where the
> lengths of these items are fixed.

If I understand some of Itojun's past comments, I think the idea is not
that the code is vulnerable, but the idea to have all examples be safe
ones. So that when future programmers copy code, they always see safe
examples.

However I wonder if we really should do this. If the only reason code is
safe is that the programmer only had "safe" examples, then we don't have
true understanding, we have security through luck.

Take care,

Bill
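The sprintf -> snprintf change under discussion, shown as an added example in the style of a fixed-size driver name buffer; this is illustrative code written for this thread, not taken from the NetBSD commit, and `format_devname`, `devname_matches` and `DEVNAME_LEN` are hypothetical names. The point it makes is the one the conversion alone does not: snprintf returns the length the output would have needed, so the caller can detect truncation instead of silently living with a clipped string.

```c
/* Added example, not code from the commit being discussed. */
#include <stdio.h>
#include <string.h>

#define DEVNAME_LEN 16	/* hypothetical fixed-size name field, as in a driver */

/*
 * Format "<driver><unit>" into a fixed buffer.
 * Returns 0 on success, -1 if the result did not fit; on -1 the buffer
 * still holds a NUL-terminated (truncated) string, never an overflow.
 */
int
format_devname(char *buf, size_t buflen, const char *driver, int unit)
{
	int n;

	/*
	 * Before: sprintf(buf, "%s%d", driver, unit);
	 * which writes past buf whenever strlen(driver) + digits + 1 > buflen.
	 */
	n = snprintf(buf, buflen, "%s%d", driver, unit);
	if (n < 0)
		return -1;		/* encoding error */
	if ((size_t)n >= buflen)
		return -1;		/* output was truncated */
	return 0;
}

/* Format into a DEVNAME_LEN buffer and compare with the expected string. */
int
devname_matches(const char *driver, int unit, const char *expect)
{
	char buf[DEVNAME_LEN];

	if (format_devname(buf, sizeof(buf), driver, unit) != 0)
		return 0;	/* did not fit: caller must not trust buf */
	return strcmp(buf, expect) == 0;
}

int
main(void)
{
	char buf[DEVNAME_LEN];

	if (format_devname(buf, sizeof(buf), "wd", 0) == 0)
		printf("ok: %s\n", buf);
	/* Constructed over-long name: snprintf clips it and reports -1. */
	if (format_devname(buf, sizeof(buf), "averyverylongdriver", 12) != 0)
		printf("truncated: %s\n", buf);
	return 0;
}
```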
