bug-gnu-utils

Re: libintl.h warnings with -Wundef


From: Marc Espie
Subject: Re: libintl.h warnings with -Wundef
Date: Sun, 21 Sep 2008 18:12:06 +0200
User-agent: Mutt/1.5.18 (2008-05-17)

On Sun, Sep 21, 2008 at 07:59:07AM -0700, Paul Eggert wrote:
> The opposition to the OpenBSD-style deprecation of strcpy is not
> political: it's technical.  The GNU approach avoids having arbitrary
> limits on buffer size, and in this approach, primitives like strlcpy
> are avoided.  There are important technical advantages of the GNU
> approach.  There are disadvantages as well, but we feel the advantages
> outweigh the disadvantages.  (Lead OpenBSD developers disagree, of
> course.)

You missed the point completely. We have a belt-and-suspenders approach.
We do advocate non-fixed size buffers. But mistakes happen, and strlcpy
is specifically designed to be usable by morons. It's still possible
to botch the test, but really really hard. Thus if you compute a buffer
size, do the dynamic allocation, then use strlcpy and strlcat to do the
filling, you can see trivial errors.

I've seen all sorts of buffer bugs. Some programmers are not good enough,
and even the ones who are good make mistakes occasionally.  strlcpy catches
mistakes, and it's still cheap.  As far as I know, the real reason it's
not in linux is because Ulrich Drepper is arrogant enough to say he *never*
makes the kind of mistakes strlcpy is meant to catch.
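
The pattern described in the message above (compute a buffer size, allocate dynamically, fill with strlcpy and strlcat), as an added example that is not part of the original post. The names `my_strlcpy`, `my_strlcat`, `join_path` and `slack`, and the sample paths, are assumptions made for illustration; the local stand-ins follow strlcpy/strlcat return-value semantics so the block builds on a libc that lacks them.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Local stand-ins with strlcpy/strlcat semantics (assumed; not every libc
 * ships them). Each returns the length the full result would have had. */
static size_t my_strlcpy(char *dst, const char *src, size_t size)
{
    size_t len = strlen(src);
    if (size > 0) {
        size_t n = len < size - 1 ? len : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return len;
}

static size_t my_strlcat(char *dst, const char *src, size_t size)
{
    size_t used = 0;
    while (used < size && dst[used] != '\0')
        used++;
    /* If no NUL was found, size - used is 0 and nothing is written. */
    return used + my_strlcpy(dst + used, src, size - used);
}

/* Build "dir/name" on the heap. slack models the size computation: 2 is
 * right (separator + NUL), 1 is an off-by-one. NULL means rejected. */
char *join_path(const char *dir, const char *name, size_t slack)
{
    size_t size = strlen(dir) + strlen(name) + slack;
    char *buf = malloc(size);
    if (buf == NULL ||
        my_strlcpy(buf, dir, size) >= size ||
        my_strlcat(buf, "/", size) >= size ||
        my_strlcat(buf, name, size) >= size) {
        free(buf);                 /* truncated: the computed size was wrong */
        return NULL;
    }
    return buf;
}

int main(void)
{
    char *ok = join_path("/usr/lib", "libintl.so", 2);
    char *bad = join_path("/usr/lib", "libintl.so", 1);
    printf("%s | %s\n", ok ? ok : "(rejected)", bad ? bad : "(rejected)");
    free(ok); free(bad);
    return 0;
}
```

With plain strcpy and strcat the off-by-one case would write one byte past the allocation; here the return-value check turns the same mistake into a reported failure.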
