[Opendnssec-develop] string handling

Stephen.Morris at nominet.org.uk
Thu Apr 9 09:27:18 UTC 2009

Jakob Schlyter <jakob at kirei.se> wrote on 07/04/2009 19:06:14:

> On 7 apr 2009, at 12.37, Rickard Bondeson wrote:
> :
> I'd just like to make a more public note regarding string handling in 
> OpenDNSSEC; as long as possible we should use strlcpy(3) and 
> strlcat(3) instead of home-brewed similar functions. If we need to 
> support platforms that do not have those functions, we'll import 
> a compat version from OpenSSH.

I note a reservation in the Wikipedia article on the subject:

> > Red Hat developers Ulrich Drepper and James Antill are critics of 
> > the strlcpy and strlcat functions.[2] Antill notes that they are 
> > non-standard and that there are implementation differences between 
> > the BSD and Solaris implementations (the return value of strlcat 
> > when there is no nul in the destination buffer).[3] Antill also 
> > expressed concern regarding the risks of truncation when using any 
> > string function involving static allocation.[4] Drepper argues that 
> > strlcpy and strlcat make truncation errors easier for a programmer 
> > to ignore and thus can introduce more bugs than they remove;[2] 
> > consequently, these functions have not been added to the GNU C 

If true, the things that concern me are:

a) The implementation differences between BSD and Solaris
b) The fact that these are not in the GNU C library.

(I'm not worried by the truncation argument.  If you are using fixed-
length buffers as destinations, you should expect truncation.  That
is a lesser evil than a buffer overflow.)

As the functions are so trivial, why not write our own (OpenDNSSEC-wide)
versions and avoid any problems with them?
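
Added example, not part of the original post and not OpenDNSSEC code: a sketch of what project-wide versions could look like, with the no-NUL-in-destination case of strlcat pinned to the BSD rule and a caller that treats truncation as an error. The names ods_strlcpy, ods_strlcat and ods_build_path are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical project-wide helpers (names are assumptions, not OpenDNSSEC
 * code). Both follow the BSD convention: the return value is the length of
 * the string the call tried to create, so ret >= size means truncation. */

size_t ods_strlcpy(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);

    if (size != 0) {
        size_t n = (srclen < size - 1) ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';              /* always terminated when size > 0 */
    }
    return srclen;
}

size_t ods_strlcat(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);
    const char *end = memchr(dst, '\0', size);

    /* No NUL inside dst[0..size): the case where implementations differ.
     * The BSD rule is fixed here: treat the length as size, write
     * nothing, and report size + strlen(src). */
    if (end == NULL)
        return size + srclen;

    size_t dstlen = (size_t)(end - dst);
    size_t room = size - dstlen - 1;    /* bytes free before the NUL slot */
    size_t n = (srclen < room) ? srclen : room;

    memcpy(dst + dstlen, src, n);
    dst[dstlen + n] = '\0';
    return dstlen + srclen;
}

/* Caller-side check that keeps truncation from being silently ignored:
 * returns 0 on success, -1 if any step would not fit in path. */
int ods_build_path(char *path, size_t size, const char *dir, const char *file)
{
    if (ods_strlcpy(path, dir, size) >= size) return -1;
    if (ods_strlcat(path, "/", size) >= size) return -1;
    if (ods_strlcat(path, file, size) >= size) return -1;
    return 0;
}
```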
