This is the mail archive of the libstdc++@gcc.gnu.org mailing list for the libstdc++ project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: Using strlcpy if target OS allows it

From: Joe Buck <Joe dot Buck at synopsys dot COM>
To: Marc Espie <espie at nerim dot net>
Cc: libstdc++ at gcc dot gnu dot org
Date: Sun, 17 Apr 2005 19:02:30 -0700
Subject: Re: Using strlcpy if target OS allows it
References: <20050416120946.GC7776@tetto.home>

On Sat, Apr 16, 2005 at 02:09:46PM +0200, Marc Espie wrote:
> What's the correct way to test for a libc function on the target OS ?
> 
> The reason I'm asking is that OpenBSD has actually started killing uses
> of strcpy in its base system, for auditing purposes.
> 
> libstdc++ has a number of calls to strcpy, which can be replaced by
> strlcpy, if the host OS allows it...

If the strcpy call is correct, isn't replacing it by strlcpy a
pessimization?  Auditing for correctness of strcpy calls is appropriate;
minimizing their number seems like a good strategy as well;
forbidding it seems wrong (especially in a system support library where
every user will experience a slowdown).

I'd take strlcpy over strncpy, but not over strcpy (because the length
check can't be avoided even when it is redundant).

Follow-Ups:
- Re: Using strlcpy if target OS allows it
  - From: Marc Espie
- Re: Using strlcpy if target OS allows it
  - From: Marc Espie

References:
- Using strlcpy if target OS allows it
  - From: Marc Espie

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]