Hosting Provided By

RE: safe strcpy()?

From: Ed Carp <erc(at)pobox.com>
Date: Tue Jan 28 2003 - 20:06:48 EST

On Tue, 28 Jan 2003, Michael Howard wrote:

> Of course, the real way to build secure software is not to use "safe"

The problem with this is if you have to retrofit millions of lines of old code. Maybe Microsoft can afford to pay people to do this sort of donkey work by hand, but we certainly can't! And how can you check data validity in the destination when doing a string copy, anyway?

Are your safe handling header files checking destinations for string copies?

--
Ed Carp, N7EKG          
http://www.pobox.com/~erc               214/986-5870
Licensed Texas Peace Officer
Computer Crime Investigation Consultant

Director, Software Development
Escapade Server-Side Scripting Engine Development Team
http://www.squishedmosquito.com

Microsoft Front Page - the official HTML editor of Al Qaeda
Microsoft Hotmail - the official email of Al Qaeda

Received on Wed Jan 29 15:57:09 2003

This message: [ Message body ]
Next message: Timo Sirainen: "Re: safe strcpy()?"
Previous message: Hall, Philip: "RE: safe strcpy()?"
In reply to Michael Howard: "RE: safe strcpy()?"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ] [ By messages with attachments ]

This archive was generated by hypermail 2.1.8 : Wed Aug 23 2006 - 14:02:46 EDT