On Thu, 09 Aug 2012 10:56:10 +0200, Pascal Stumpf wrote: > On Thu, 09 Aug 2012 07:40:43 +0200, Marc Balmer wrote: > > A few more sprintf() to snprintf() conversion. > > > > We need to find a proper way to replace strcpy() and strcat(), maybe > > keep a local copy of strlcpy() and strlcat() from OpenBSD around > > somewhere? Other suggestions? > > +1 > > Or link with -lbsd, which is provided on most Linux distributions > nowadays. The hard part is to do the replacement work. If someone is > interested, I can send them a full build log on OpenBSD, where the > linker warns about the use of unsafe functions.
Also, I've seen some instances where strncpy() is obviously misused (assuming it NUL-terminates the string, which it does not). ------------------------------------------------------------------------------ Live Security Virtual Conference Exclusive live event will cover all the ways today's security and threat landscape has changed and how IT managers can respond. Discussions will include endpoint security, mobile security and the latest in malware threats. http://www.accelacomm.com/jaw/sfrnl04242012/114/50122263/ _______________________________________________ cdesktopenv-devel mailing list cdesktopenv-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/cdesktopenv-devel
