Re: CVS commit: src/sys/arch/i386

To: perry%piermont.com@localhost
Subject: Re: CVS commit: src/sys/arch/i386
From: "M. Warner Losh" <imp%bsdimp.com@localhost>
Date: Thu, 22 Apr 2004 09:27:28 -0600 (MDT)

In message: <87brlk2htj.fsf%snark.piermont.com@localhost>
            "Perry E. Metzger" <perry%piermont.com@localhost> writes:
: 
: groo%old-ones.com@localhost (Bill Squier) writes:
: > I have decided to further secure NetBSD by changing all the instances of
: > the word 'sprintf' in your log messages to 'snprintf'.
: >
: > All kidding aside, don't you feel that some of these changes are a waste of
: > your valuable time?  Many of these changes are in device drivers where the
: > lengths of these items are fixed.
: 
: I think that, in general, we should be eliminating all use of unsafe
: string ops everywhere, even when "known safe", because people do
: stupid things with time (like copying or changing code to produce
: unsafe results.) Even our smartest developers have screwed stuff like
: this up in the past.

Using the unsafe APIs in a safe way requires perfection.  I agree with
Perry here: history has shown that all developers are imperfect at
least once.

Warner

Follow-Ups:
- Re: CVS commit: src/sys/arch/i386
  - From: Perry E. Metzger

References:
- CVS commit: src/sys/arch/i386
  - From: Jun-ichiro itojun Hagino
- Re: CVS commit: src/sys/arch/i386
  - From: Bill Squier
- Re: CVS commit: src/sys/arch/i386
  - From: Perry E. Metzger

Prev by Date: CVS commit: src/sys/netinet
Next by Date: Re: CVS commit: src/sys/arch/i386
Previous by Thread: Re: CVS commit: src/sys/arch/i386
Next by Thread: Re: CVS commit: src/sys/arch/i386
Indexes:

Home | Main Index | Thread Index | Old Index