Subject: Re: CVS commit: src/sys/arch/i386
To: Bill Squier <groo@old-ones.com>
From: Bill Studenmund <wrstuden@netbsd.org>
List: source-changes
Date: 04/21/2004 22:25:29
--69pVuxX8awAiJ7fD
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Wed, Apr 21, 2004 at 11:35:37PM -0400, Bill Squier wrote:
> On Thu, Apr 22, 2004 at 12:34:52AM +0000, Jun-ichiro itojun Hagino wrote:
> >=20
> > Log Message:
> > sprintf -> snprintf
> >=20
>=20
>=20
> I have decided to further secure NetBSD by changing all the instances of
> the word 'sprintf' in your log messages to 'snprintf'.
>=20
> All kidding aside, don't you feel that some of these changes are a waste =
of
> your valuable time? Many of these changes are in device drivers where the
> lengths of these items are fixed.
If I understand some of Itojun's past comments, I think the idea is not=20
that the code is vulnerable, but the idea to have all examples be safe=20
ones. So that when future programmers copy code, they always see safe=20
examples.
However I wonder if we really should do this. If the only reason code is=20
safe is that the programmer only had "safe" examples, then we don't have=20
true understanding, we have security through luck.
Take care,
Bill
--69pVuxX8awAiJ7fD
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (NetBSD)
iD8DBQFAh1dJWz+3JHUci9cRAu4mAJ9YTHJN9b3Rs1ca31sEZPIbCgRwFwCgjTFr
8GNE9gx6xfdu08sbcmkf6/0=
=bTe4
-----END PGP SIGNATURE-----
--69pVuxX8awAiJ7fD--