[Opendnssec-develop] string handling
Jakob Schlyter
jakob at kirei.se
Thu Apr 9 09:33:06 UTC 2009
On 9 apr 2009, at 11.27, Stephen.Morris at nominet.org.uk wrote:
>
> If true, the things that concern me are:
>
> a) The implementation differences between BSD and Solaris
> b) The fact that these are not in the GNU C library.
>
> (I'm not worried by the truncation argument. If you are using fixed-
> length buffers as destinations, you should expect truncation. That
> is a lesser evil than a buffer overflow.)
>
> As the functions are so trivial, why not write our own (OpenDNSSEC-
> wide)
> versions and avoid any problems with them?
I've seen the issues brough up by redhat, but still there is no better
alternative.
instead of writing our own stuff, I strongly suggest we use the compat
functions provided as part of OpenSSH (and thus very widely used on
may platforms).
- http://anoncvs.mindrot.org/index.cgi/openssh/openbsd-compat/
- http://anoncvs.mindrot.org/index.cgi/openssh/openbsd-compat/strlcpy.c?view=log
- http://anoncvs.mindrot.org/index.cgi/openssh/openbsd-compat/strlcat.c?view=log
jakob
More information about the Opendnssec-develop
mailing list