This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: Wish for 2002 ...

> Date: Fri, 11 Jan 2002 13:51:26 -0600
> From: Francois Leclerc <>
> Second school: My humble, radical view point.
> run "gmake"
> run "its4", "rats" & "flawfinder" 
> Eliminate all references to strcat/strcpy...
> Introduce strlcat or use alternate constructs.

Blindly replacing strcat/strcpy with strlcat/strlcpy is
counterproductive, for reasons we've already discussed.
It makes the code harder to maintain, and it is no safer
than conventional fixes.

It is certainly reasonable to use alternate constructs, though.  You
might start with the function that Linus Torvalds proposed in this
thread.  It can be improved -- for example, you might want to
generalize it to a single function that can handle an arbitrary number
of string arguments -- but it is a good starting point.

> This process is not constraining on the individual participants but
> will hardly help in a SSE-CMM or CC certification higher than level 1.

But _you_ are the one who wants to remove all instances of
strcpy/strcat from your code.  SSE-CMM etc. do not require it.
Nor do they require replacing it with strlcpy/strlcat.

You cannot appeal directly to SSE-CMM etc. in this discussion.
You have to make your own case for your desired coding standard.
And so far, your case has been too weak to be a convincing argument
for adding these two controversial primitives to glibc.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]