6/25 What percent of security holes would be solved by banning strcpy()
in favor of strncpy()?
\_ probably not much, since they're all coming to be php bugs these
days.
\_ Or using Java instead of C (no buffer overrun)?
\_ It is not always possible to use java. I have customers
who tell me that they will not allow a jvm to run on
their systems for security reasons (the sun jvm cannot
be audited by their internal code reviewers). For such
people the only choice is C (don't tell me to write a
network application in lisp, just don't). I have other
customers who need software that will run within a 16 mb
memory footprint. Unless you use Java MicroEdition it is
not possible to get java to stand up and do something
useful on such systems. Even with ME, it is tough since
lots of libs aren't available in ME.
\_ Any other cool things Java invented that we should know about?
-- ilyas
\_ I'm not sure that the PP said or implied anything that this
response is relevant to. Perhaps if you externalized your
wit a little more, your point would be less obscure.
\_ Sorry I wasn't trying to be witty. It's a bit of a sore
point with me when people advocate the worst possible
language with good_feature_001. For instance "We chose
perl because perl has GC." -- ilyas
\_ heh, my favourite feature in any programming language
is how much I'd be paid to program in it. Currently
msvc++ 6.0 is my mostest fav. language. - pst
\_ Ahh, okay. Thanks for clarifying.
\_ You should probably inform all those fortune 500
companies out there that they're using the worst
possible language then.
\_ Ah yes, the Fortune 500, the yardstick of
technological sanity, and general common sense.
-- ilyas
\_ OK, academia, global 2000, most web shops,
most enterprise software companies...
\_ We've had similar arguments on the motd many
times before, and I tire of them. They boil
down to "popular!=good". Anyone familiar with
MS Windows knows this. Let's change the
subject, shall we? -- ilyas
\_ But "popular != bad". Get off of your
Ocaml horse and join the rest of us
grunts.
\_ I like things other than ocaml. I even
think ruby's kind of neat (if only someone
would get off their lazy ass and write
a good compiler for it). Anyways, it's
true that popular != bad, but if you think
Java == good, I weep for your immortal
soul. -- ilyas
\_ I weep for your soul if you think the
mess that is functional programming
is good.
\_ Want a hanky? I am well aware this
is a troll, but I'll try to speak
in good faith. I don't know where
you got the idea that I like
'functional programming.' I like
things like lisp, and it is true
that lisp is more 'functional' than
Java, but lisp is also more
'object oriented' than Java, since
CLOS is much more powerful than
Java's object system, and lisp is
also more 'procedural' than Java,
if for no other reason than
because it doesn't have the moronic
statement/expression duality.
Languages that I tend to like tend
to be multi-paradigm languages.
The radical idea being that
different jobs require different
approaches. -- ilyas
\_ wow. get a slow ass application just to avoid using strncpy
\_ have you checked out the latest in Java with regards to
performance? It's not 1997 anymore...
\_ yes, 30 times slower than C++, 15 times slower than .Net
\_ we're talking about a real implementation, not your
half-baked hobbyist implementation.
\_ then again we didn't use super servers for the java
application
\_ It's not really an answerable question, but if you're in a
position to encourage/mandate its use, it's a good idea. Note
also the strl* family from openbsd. Having BSD code is nice because
you can wedge it into systems that don't provide it themselves.
\_ strncpy sucks too; it's not guaranteed to null-terminate the
destination string. Use strncat instead.
\_ I would recommend using snprintf instead of the str* functions.
snprintf will tell you if the buffer size has been exceeded,
while the others won't. Also snprintf guarantees that the string
will be null terminated.
\_ snprintf wasn't added to the C standard library until C99, but
most people still have C89 implementations. Also, although many
libraries provided their own snprintf function, the exact
behavior varies slightly from implementation to implementation.
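The strncpy termination pitfall and the snprintf truncation check discussed in the last few replies, as an added C example that is not part of the original thread; the 8-byte buffer and the sample strings are constructed for the demonstration:

```c
#include <stdio.h>
#include <string.h>

/* Copy with strncpy and report whether the destination ended up
 * NUL-terminated. strncpy writes exactly dstsize bytes and never adds a
 * terminator when strlen(src) >= dstsize, so a later strlen() or printf()
 * would read past the buffer. Returns 1 if terminated, 0 if not. */
int strncpy_terminated(char *dst, size_t dstsize, const char *src) {
    strncpy(dst, src, dstsize);
    return memchr(dst, '\0', dstsize) != NULL;
}

/* Copy via snprintf: for dstsize > 0 the result is always NUL-terminated,
 * and the return value is the length the full output would have needed,
 * which is how truncation is detected. Returns 1 if the whole string fit,
 * 0 if it was cut short (the destination is still a valid C string). */
int copy_checked(char *dst, size_t dstsize, const char *src) {
    int needed = snprintf(dst, dstsize, "%s", src);
    return needed >= 0 && (size_t)needed < dstsize;
}

/* Scenario helpers over a constructed 8-byte buffer (hypothetical sizes,
 * chosen so the results can be checked without reading printed output). */
int demo_strncpy_terminated(const char *src) {
    char buf[8];
    return strncpy_terminated(buf, sizeof buf, src);
}

int demo_snprintf_fit(const char *src) {
    char buf[8];
    return copy_checked(buf, sizeof buf, src);
}

/* Length of what actually landed in the buffer after the snprintf copy;
 * safe to call strlen here because snprintf always terminates. */
size_t demo_snprintf_len(const char *src) {
    char buf[8];
    copy_checked(buf, sizeof buf, src);
    return strlen(buf);
}

int main(void) {
    const char *ok = "abc", *toolong = "0123456789";  /* constructed input */
    printf("strncpy terminated: %d / %d\n",
           demo_strncpy_terminated(ok), demo_strncpy_terminated(toolong));
    printf("snprintf fit: %d / %d, kept %zu chars\n",
           demo_snprintf_fit(ok), demo_snprintf_fit(toolong),
           demo_snprintf_len(toolong));
    return 0;
}
```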