Source-Changes archive


Re: CVS commit: src/sys/arch/i386



In message: <87brlk2htj.fsf%snark.piermont.com@localhost>
            "Perry E. Metzger" <perry%piermont.com@localhost> writes:
: 
: groo%old-ones.com@localhost (Bill Squier) writes:
: > I have decided to further secure NetBSD by changing all the instances of
: > the word 'sprintf' in your log messages to 'snprintf'.
: >
: > All kidding aside, don't you feel that some of these changes are a waste of
: > your valuable time?  Many of these changes are in device drivers where the
: > lengths of these items are fixed.
: 
: I think that, in general, we should be eliminating all use of unsafe
: string ops everywhere, even when "known safe", because people do
: stupid things with time (like copying or changing code to produce
: unsafe results.) Even our smartest developers have screwed stuff like
: this up in the past.

Using the unsafe APIs in a safe way requires perfection.  I agree with
Perry here: history has shown that all developers are imperfect at
least once.

Warner
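
The failure mode discussed in this thread, as an added example (not part of the original messages and not NetBSD source): a name buffer sized for single-digit unit numbers is "known safe" with `sprintf` only until a later change allows unit 10, while `snprintf` with a return-value check turns that change into a detected error. The names `DEVNAME_MAX`, `GUARD`, `struct softc_example`, `format_devname` and `try_attach` are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sizing: room for "wd0".."wd9" plus the NUL, nothing more. */
#define DEVNAME_MAX 4
#define GUARD 0xdeadbeefU

struct softc_example {
	char name[DEVNAME_MAX];
	unsigned int guard;	/* stands in for the field after the buffer */
};

/* Returns 0 if "<prefix><unit>" fit in dst, -1 if it was truncated. */
int
format_devname(char *dst, size_t dstlen, const char *prefix, int unit)
{
	/* snprintf reports the length it needed, excluding the NUL */
	int n = snprintf(dst, dstlen, "%s%d", prefix, unit);

	return (n < 0 || (size_t)n >= dstlen) ? -1 : 0;
}

/* Returns 0 on success, -1 if the name was rejected, -2 on corruption. */
int
try_attach(const char *prefix, int unit)
{
	struct softc_example sc;
	int rc;

	memset(&sc, 0, sizeof(sc));
	sc.guard = GUARD;
	rc = format_devname(sc.name, sizeof(sc.name), prefix, unit);
	if (sc.guard != GUARD || memchr(sc.name, '\0', sizeof(sc.name)) == NULL)
		return -2;
	return rc;
}

int
main(void)
{
	/* unit 9 fits; unit 10 is the later change sprintf would overflow on */
	printf("wd9  -> %d\n", try_attach("wd", 9));
	printf("wd10 -> %d\n", try_attach("wd", 10));
	return 0;
}
```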


