Re: best practice for packing programs that use strlcpy()?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, 2010-01-28 at 23:38 -0800, Eric Smith wrote:
> Tom "spot" Callaway wrote:
> > You could probably package up libbsd for inclusion:
> > http://libbsd.freedesktop.org/wiki/
> >   
> That's exactly the kind of thing I was hoping to find.  I've submitted a 
> package for review:
> 
> https://bugzilla.redhat.com/show_bug.cgi?id=559856

Be aware also that despite rumors to the contrary it's just as easy to
misuse and abuse srtl* and friends as the other string handling
routines.

Code using them should be subject to the same security review scrutiny
as code using other string mungling interfaces.

Cheers,
Bryn.

-- 
devel mailing list
devel@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/devel

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux