This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Time to add strlcpy/strlcat FINALLY

From: Paul Eggert <eggert at cs dot ucla dot edu>
To: dwheeler at dwheeler dot com, libc-alpha <libc-alpha at sourceware dot org>
Date: Wed, 13 Aug 2014 18:09:22 -0700
Subject: Re: Time to add strlcpy/strlcat FINALLY
Authentication-results: sourceware.org; auth=none
References: <E1XHgtz-0001zg-Ct at rmm6prod02 dot runbox dot com>

David A. Wheeler wrote:

The general consensus of people who have *studied*  how to develop secure software

Long ago, when I looked into the matter by examining the first fewinstances of strlcpy in OpenSSH (this was soon after they rewrote it touse strlcpy), the use of strlcpy did not fix any bugs and may haveintroduced one due to silent truncation. This convinced me that strlcpywas not a good way to go for its intended application area. And I'llbet my admittedly-brief study examined more empirical evidence than thecavalcade of experts you cited.

The argument is not strlcpy versus nothing. It's strlcpy versusreasonable alternatives that take the same or less work. These days thealternatives are better, so why refight this old battle?

Follow-Ups:
- Re: Time to add strlcpy/strlcat FINALLY
  - From: Rich Felker
- Re: Time to add strlcpy/strlcat FINALLY
  - From: William Park

References:
- Time to add strlcpy/strlcat FINALLY
  - From: David A. Wheeler

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]