Return to the
comp.compilers page.
Search the
comp.compilers archives again.
| Related articles |
|---|
| C++ Compiler with a -Wwarn-use-of-strcpy or similar option?? psheer@WITHOUTicon.co.za (Paul Sheer) (2004-09-07) |
| Re: C++ Compiler with a -Wwarn-use-of-strcpy or similar option?? christian.bau@cbau.freeserve.co.uk (Christian Bau) (2004-09-08) |
| Re: C++ Compiler with a -Wwarn-use-of-strcpy or similar option?? kenrose@tfb.com (Ken Rose) (2004-09-13) |
| Re: C++ Compiler with a -Wwarn-use-of-strcpy or similar option?? strohm@airmail.net (John R. Strohm) (2004-09-13) |
| Re: C++ Compiler with a -Wwarn-use-of-strcpy or similar option?? psheer@icon.co.za (2004-09-14) |
| From: | psheer@icon.co.za (Paul Sheer) |
| Newsgroups: | comp.compilers,comp.lang.c++ |
| Date: | 14 Sep 2004 16:38:12 -0400 |
| Organization: | http://groups.google.com |
| References: | 04-09-038 04-09-064 |
| Keywords: | C++, practice |
| Posted-Date: | 14 Sep 2004 16:38:12 EDT |
> 1. Replacing strcpy with strncpy is a very bad idea. Where strcpy
> overwrites memory, strncpy will create char arrays that are not C
> strings.
Well, strncpy with a terminating assignment afterward. or of course
strlcpy
> 2. If you perform these changes automatically using some tool then
> security will go _down_.
Only if the tool is not intelligent enough to only do replacements in
cases where the array size is fixed.
> My recommendation: Take the whole source code. Give it to two
> separate programmers. Let them discuss very carefully between them
> how to make
This Is Exactly What I Don'T Want
Either the tool must be intelligent to make the changes without
errors, or there is no point.
See this thread on comp.lang.c++ .....
-paul
Return to the
comp.compilers page.
Search the
comp.compilers archives again.