Avoid certain functions in C/C++
Mario Torre
neugens at limasoftware.net
Wed Apr 6 17:55:32 UTC 2011
Il giorno mer, 06/04/2011 alle 08.50 -0700, Kelly O'Hair ha scritto:
> Just an FYI...
>
> Anyone working with C/C++ should be well aware of the functions we should be avoiding:
> http://hub.opensolaris.org/bin/view/Community+Group+security/funclist
>
> Microsoft has used the term "banned" and has a much more extensive list:
> http://msdn.microsoft.com/en-us/library/bb288454.aspx
>
> Unfortunately, we often cannot use the recommended replacements unless we know that the
> replacement is available on all platforms, however, some are fairly obvious, like using snprintf
> instead of sprintf.
>
> Functions like sprintf, vsprintf, strcat, strcpy, access, chmod, chown, lchown, chdir, ...
> all have know issues or have caused too many common mistakes over the years, we need to
> avoid the use of these functions.
>
> -kto
Very nice list, thanks,
Mario
--
pgp key: http://subkeys.pgp.net/ PGP Key ID: 80F240CF
Fingerprint: BA39 9666 94EC 8B73 27FA FC7C 4086 63E3 80F2 40CF
IcedRobot: www.icedrobot.org
Proud GNU Classpath developer: http://www.classpath.org/
Read About us at: http://planet.classpath.org
OpenJDK: http://openjdk.java.net/projects/caciocavallo/
Please, support open standards:
http://endsoftpatents.org/
More information about the build-dev
mailing list