Il giorno mer, 06/04/2011 alle 08.50 -0700, Kelly O'Hair ha scritto: > Just an FYI... > > Anyone working with C/C++ should be well aware of the functions we should be > avoiding: > http://hub.opensolaris.org/bin/view/Community+Group+security/funclist > > Microsoft has used the term "banned" and has a much more extensive list: > http://msdn.microsoft.com/en-us/library/bb288454.aspx > > Unfortunately, we often cannot use the recommended replacements unless we > know that the > replacement is available on all platforms, however, some are fairly obvious, > like using snprintf > instead of sprintf. > > Functions like sprintf, vsprintf, strcat, strcpy, access, chmod, chown, > lchown, chdir, ... > all have know issues or have caused too many common mistakes over the years, > we need to > avoid the use of these functions. > > -kto
Very nice list, thanks, Mario -- pgp key: http://subkeys.pgp.net/ PGP Key ID: 80F240CF Fingerprint: BA39 9666 94EC 8B73 27FA FC7C 4086 63E3 80F2 40CF IcedRobot: www.icedrobot.org Proud GNU Classpath developer: http://www.classpath.org/ Read About us at: http://planet.classpath.org OpenJDK: http://openjdk.java.net/projects/caciocavallo/ Please, support open standards: http://endsoftpatents.org/
