Re: safestr alpha (Safe C String Library)

I think the approach they're pursuing --- print a message and exit by default, allow the programmer to override that default if they wish --- is the best possible solution.

Well-written code using facilities without exception management ends up having a lot of clutter from error-checking. Sure, it's important to do it right, but since the common case in many programming contexts is to print an error message and exit, that's a good default behavior --- especially for the sort of errors that might be thrown from a string handling library, where there's little a user (or application programmer) is likely to be able to do to help correct a problem. If it's also reasonable to override that default allowing explicit error handling where desired, then you meet everyone's needs.

I last programming extensively in C back in the late '80s and early '90s; when I was doing my heaviest C programming, I used a library I'd built up, which I called libbent, containing eventually several dozen wrappers following the model (from memory):

	FILE *efopen(file *path, file *mode) {
		FILE *fp;
		if (fp = fopen(name, mode))
			return(fp);
		(void) sprintf(stderr, "%s: fopen(%s, %s): %s\n",
			progname, path, mode, strerror(errno));
		exit(1);
		/*NOTREACHED*/
	}

or thereabouts. If I wanted to handle an error myself I just called fopen(), but in the common case I only had to add one letter, rather than a clause.

Since then I've been programming almost exclusively in perl; my code is pretty well larded up with "|| die ...", which fortunately isn't quite as bulky as the C, but is still a distraction. I often use Fatal to reduce the clutter, although it's not perfect either.

A security-minded library is well guided to offer the safest default behavior, making it easy enough to override when a programmer wishes to handle errors any other way.

Do you need help?

In addition to our free technical library, Pantek provides professional IT services to companies who utilize Open Source software: Learn more about Pantek's Technical Support offerings Place an order for 24/7/365 Technical Support here Learn more about Pantek, who we are, and what we do Chat with a Live Operator Related securityfocus.com Links bugtraq certification focus-bsd focus-ids focus-ih focus-linux focus-ms focus-sun focus-unix-other focus-virus forensics incidents libnet linux-secnews ms-secnews pen-test secpapers secprog sectools secureshell security-basics securityjobs sf-news vuln-dev webappsec Request more information about Pantek

-Bennett