Josiah Carlson wrote: > "Neil Hodgson" <[EMAIL PROTECTED]> wrote: > > > > Jeremy Evans: > > > > > In updating the Scintilla and SciTE ports to 1.70 for OpenBSD, I've > > > done a code audit and replaced the insecure string handling functions > > > (strcat, strcpy, sprintf) with the secure ones (strlcat, strlcpy, > > > snprintf, respectively). Hopefully these security fixes can be > > > applied to future versions of Scintilla and SciTE. > > > > I won't be incorporating patches that will not compile with the > > above compilers or with GCC 4.1. > > If the signatures are somewhat compatible, it would seem reasonable to > use compiler-specific macro definitions, or even wrapper functions whose > bodies are inlined. Or maybe I have no idea what I'm talking about.
Inlined functions would be the best approach, considering that this is a C++ project :). One advantage of inlined functions is that you can deal with functions that have different signatures. They would most likely belong in the platform section as this is where the platform-specific code goes. You would then use the appropriate compiler defines to detect what the actual function names are. This could then allow variants like: * use the Windows versions (lstrcpy, etc.); * use the VC2005 safe versions (e.g. strncpy_s); * use the Windows "strsafe.h" versions; * use a roll your own implementation (useful for WinCE, where library support may be limited and vary depending on the platform). - Reece _________________________________________________________________ Be one of the first to try Windows Live Mail. http://ideas.live.com/programpage.aspx?versionId=5d21c51a-b161-4314-9b0e-4911fb2b2e6d _______________________________________________ Scintilla-interest mailing list [email protected] http://mailman.lyra.org/mailman/listinfo/scintilla-interest
