[Opendnssec-develop] string handling
Stephen.Morris at nominet.org.uk
Thu Apr 9 09:27:18 UTC 2009
Jakob Schlyter <jakob at kirei.se> wrote on 07/04/2009 19:06:14:
> On 7 apr 2009, at 12.37, Rickard Bondeson wrote:
>
> :
>
> I'd just like to make a more public note regarding string handling in
> OpenDNSSEC; as long as possible we should use strlcpy(3) and
> strlcat(3) instead of home-brewed similar functions. If we need to
> support platforms that do not have those functions, we'll import
> the compat version from OpenSSH.
I note a reservation in the Wikipedia article on the subject:
> > Red Hat developers Ulrich Drepper and James Antill are critics of
> > the strlcpy and strlcat functions.[2] Antill notes that they are
> > non-standard and that there are implementation differences between
> > the BSD and Solaris implementations (the return value of strlcat
> > when there is no nul in the destination buffer).[3] Antill also
> > expressed concern regarding the risks of truncation when using any
> > string function involving static allocation.[4] Drepper argues that
> > strlcpy and strlcat make truncation errors easier for a programmer
> > to ignore and thus can introduce more bugs than they remove;[2]
> > consequently, these functions have not been added to the GNU C
> > Library.
If true, the things that concern me are:
a) The implementation differences between BSD and Solaris
b) The fact that these are not in the GNU C library.
(I'm not worried by the truncation argument. If you are using fixed-
length buffers as destinations, you should expect truncation. That
is a lesser evil than a buffer overflow.)
As the functions are so trivial, why not write our own (OpenDNSSEC-wide)
versions and avoid any problems with them?
Stephen
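
An added example, not part of the original message and not OpenDNSSEC or OpenSSH code: a sketch of the project-wide versions suggested above, using hypothetical names (`my_strlcpy`, `my_strlcat`, `build_name`) and a constructed ".signed" suffix. It fixes one answer for the case with no NUL in the destination buffer and has the caller treat truncation as an error.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical project-local helpers (names are assumptions). */

/* Copy src into dst (capacity size). Returns strlen(src);
 * a return value >= size means the copy was truncated. */
size_t my_strlcpy(char *dst, const char *src, size_t size)
{
    size_t slen = strlen(src);
    if (size > 0) {
        size_t n = (slen < size - 1) ? slen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return slen;
}

/* Append src to dst (capacity size). Returns the length it tried to create.
 * If dst holds no NUL within size bytes, dst is left untouched and
 * size + strlen(src) is returned, so the caller still sees >= size. */
size_t my_strlcat(char *dst, const char *src, size_t size)
{
    size_t slen = strlen(src);
    const char *end = memchr(dst, '\0', size);
    if (end == NULL)
        return size + slen;
    size_t dlen = (size_t)(end - dst);
    size_t room = size - dlen - 1;
    size_t n = (slen < room) ? slen : room;
    memcpy(dst + dlen, src, n);
    dst[dlen + n] = '\0';
    return dlen + slen;
}

/* Build "<zone>.signed" in out; returns 0 on success, -1 on truncation,
 * so a shortened name is never used silently. */
int build_name(char *out, size_t size, const char *zone)
{
    if (my_strlcpy(out, zone, size) >= size)
        return -1;
    if (my_strlcat(out, ".signed", size) >= size)
        return -1;
    return 0;
}
```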