On Mon, Mar 04, 2002 at 03:16:33PM +0100, Moritz Schulte wrote: > > I am working at the moment on some port from openBSD to debian, and > > discovered that they use this strlcpy|cat (security enhanced version > > of strNcpy|cat). Does someone know if there are any plan or a place > > to get those included in the standard version of the libc ? > > Get an impression: > > http://sources.redhat.com/ml/libc-alpha/2002-01/msg00001.html > http://sources.redhat.com/ml/libc-alpha/2000-08/msg00052.html Nice to see good old anti-Theoism influencing excuses to ignore code which makes perfect sense. I don't know how these functions have any effect on security over the strn functions except in the most indirect manner, but can anyone tell me what the point of not copying a string past the end of the space allocated for it is if the next time you attempt to use the newly copied string you run right off the edge of the new array? But somehow, s/n/l/ in the function name is harder to read and the function is "inefficient BSD crap". The only real controversy here is between the status quo and possibly inflating Theo's ego further (if such could actually be accomplished anyway.) In the meantime, most of my work (and a lot of other people's as well) will continue to reinvent the wheel while the glibc maintainers continue to cover their ears and hum REAL LOUD. -- Joseph Carter <knghtbrd@bluecherry.net> I N33D MY G4M3Z, D00D!!!!111!! (Just ... don't ask) Feb 5 13:27:01 trinity lp0 on fire -- the Linux kernel, alerting me that there was some unknown problem with my printer (ie, it was out of ink)
Attachment:
pgp3C86dnp9gh.pgp
Description: PGP signature