On Fri, Jul 20, 2018 at 02:32:29AM -0700, Junio C Hamano wrote: > > Contrast this with memcpy(). This is on Microsoft's SDL banned list[1], > > but I think it's silly for it to be. I would never add it to this list. > > A tangent, but is that because they want you to use memmove() > instead so that you do not have to worry about overlapping copies, > perhaps? That was my first thought, too, but nope. They recommend memcpy_s() instead. Which in my opinion adds very little value, while missing the most common misuse of memcpy I've seen in practice (the overlapping thing). Helpers like our COPY_ARRAY() are much more useful for preventing sizing mistakes, IMHO. But again, I'd never ban memcpy. The right tool for encouraging COPY_ARRAY() is coccinelle (because the matching is complicated, but also because we can mechanically turn it into the right thing, whereas a strcpy is going to require some manual reworking). -Peff
