The license http://www.apache.org/licenses/LICENSE-2.0.html
Says 7. Disclaimer of Warranty. Unless required by applicable law or agreed to in writing, Licensor provides the Work (and each Contributor provides its Contributions) on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied, including, without limitation, any warranties or conditions of TITLE, NON-INFRINGEMENT, MERCHANTABILITY, or FITNESS FOR A PARTICULAR PURPOSE. You are solely responsible for determining the appropriateness of using or redistributing the Work and assume any risks associated with Your exercise of permissions under this License. I think activemq is pretty awesome, given the functionality / price ratio, but I don't think it's reasonable to expect definitely state "it's safe" > -----Original Message----- > From: leaski [mailto:tristan.le...@enghouse.com] > Sent: Friday, August 28, 2015 6:56 AM > To: users@activemq.apache.org > Subject: ActiveMQ CPP a Safe C library? > > Hi all, > > Not sure if this is the right place to ask or not, so sorry if it isn't. > > I am currently using the Active MQ CPP connector, so that I can produce and > consume topics over an Active MQ bus. Recently I have asked to evaluate the > security of our system and the components that it uses. One of those > requirements is to make sure that the software is protected as best as it can > be > from buffer exploits, and one way of doing this is to make sure that safe C > libraries are being used with C code, and that C++ code uses safe API > equivalents, e.g. strncpy() to strncpy_S(). > > I could potentially get someone to look in to the code to evaluate if the > library > does its best to use safe C calls, but I thought it would be quicker to ask > first. > > So, any comments? > > Thanks in advance! > > > > -- > View this message in context: > http://activemq.2283324.n4.nabble.com/ActiveMQ-CPP-a-Safe-C-library- > tp4701486.html > Sent from the ActiveMQ - User mailing list archive at Nabble.com.
