This is the mail archive of the
libc-alpha@sources.redhat.com
mailing list for the glibc project.
Re: PATCH: safe string copy and concetation
- To: libc-alpha at sources dot redhat dot com
- Subject: Re: PATCH: safe string copy and concetation
- From: Chiaki Ishikawa <Chiaki dot Ishikawa at personal-media dot co dot jp>
- Date: Wed, 9 Aug 2000 07:38:43 +0900 (JST)
X-PMC-CI-e-mail-id: 13401
For a newly written programs going through debugging,
I think Ultrich Drepper's argument makes sense.
However, on a running server, you may find, to our horror and
surprise, that a necessary daemon or production programs have
a str* related overflow. Ugh.
In such a case, strlcpy and friends can be a valuable tool
for a QUICK SHORTT-TERM BAND-AID.
We can BUY TIME TO FIX THE PROBLEMS at the root cause while
at least the program in question is limping along (not crashing, nor
being abused.).
Real world problems of B-news came to my mind when I looked the exchanges on
this topic.
(Once the Internet becme very large in a short time, Bnews experienced
internal buffer overflows because the size of buffers allocated for
news propagation paths was not long enough, etc..
I wish I had strlcpy and friends back when this happend.
I tried kludges for about 3 months each time a new problem surfaced
but gave up and switched to INN.)
--
Ishikawa, Chiaki ishikawa@personal-media.co.jp.NoSpam or
(family name, given name) Chiaki.Ishikawa@personal-media.co.jp.NoSpam
Personal Media Corp. ** Remove .NoSpam at the end before use **
Shinagawa, Tokyo, Japan 142-0051