Re: More thinking securely...

[David Rhodus <drhodus@xxxxxxxxx>]

On Dec 9, 2003, at 2:15 PM, Matthew Dillon wrote:

> :Would there be any value (right now) in moving away from 
> unsafe/unbounded
> :string functions like OpenBSD (ex. strcopy->strlcpy) and the like?
> :
> :Cheers,
> :Ryan
>
>     Yes, there is definitely value in this sort of work, even for the
>     'safe' situations where old functions are used (like
>     sprintf(buf, "%d", v)), simply because then the audited and changed
>     functions will not show up in people's grep's for old functions
>     any more :-)
>
>     But the work must definitely be reviewed.  For every 50 string 
> functions
>     you replace you have a good chance at introducing 1 new bug :-)

I wonder if this is something that we should do slowly as were doing 
with
some of the k&r type definition cleanups in the kernel as there is 
still a
considerable amount of code being pulled in from various 
places(FreeBSD...).
Changing too many of these might slow down the import process for code, 
ex
the agp code from today....

-DR