The Unix Heritage Society mailing list
 help / color / mirror / Atom feed
From: Warner Losh <imp@bsdimp.com>
To: Dave Horsfall <dave@horsfall.org>
Cc: The Eunuchs Hysterical Society <tuhs@tuhs.org>
Subject: Re: [TUHS] buffer overflow (Re: Happy birthday Morris worm
Date: Tue, 12 Nov 2019 16:22:44 -0700	[thread overview]
Message-ID: <CANCZdfrnOfxV-TP09Ye15FVLKuZAAudEd=FQ-iULgE1js4ra4Q@mail.gmail.com> (raw)
In-Reply-To: <alpine.BSF.2.21.9999.1911130944090.11612@aneurin.horsfall.org>

[-- Attachment #1: Type: text/plain, Size: 1058 bytes --]

On Tue, Nov 12, 2019 at 3:54 PM Dave Horsfall <dave@horsfall.org> wrote:

> On Tue, 12 Nov 2019, Bakul Shah wrote:
>
> > Unfortunately strcpy & other buffer overflow friendly functions are
> > still present in the C standard (I am looking at n2434.pdf, draft of
> > Sept 25, 2019). Is C really not fixable?
>
> No; POSIX requires all sorts of broken functions be present, otherwise it
> is not compliant; heck, last I looked it even requires gets().  And let's
> not even mention pointers...  We are our own worst enemy.[*]
>

POSIX can't even recognize that leap seconds exist :(


> All is not lost, though; use strncpy() instead of strcpy() etc.  These
> days my first choice is Perl, despite it being bloated (I only use C if
> it's trivial or I need the speed).  I must look at Ruby, though...
>

strncpy has two issues. First, it doesn't guarantee NUL termination.
Second, it always writes N bytes. It's for a fixed width data field, not a
variable length string whose buffer size is known. strlcpy is much better,
but still has some issues...

Warner

[-- Attachment #2: Type: text/html, Size: 1654 bytes --]

  reply	other threads:[~2019-11-12 23:23 UTC|newest]

Thread overview: 31+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-11-12 20:56 [TUHS] " Norman Wilson
2019-11-12 22:00 ` Dave Horsfall
2019-11-12 22:10 ` [TUHS] buffer overflow (Re: " Bakul Shah
2019-11-12 22:14   ` Larry McVoy
2019-11-12 22:41     ` Robert Clausecker
2019-11-12 22:49       ` Arthur Krewat
2019-11-12 23:45       ` Jon Steinhart
2019-11-13  0:38         ` Warren Toomey
2019-11-13  1:09         ` Arthur Krewat
2019-11-13  0:24       ` Larry McVoy
2019-11-12 22:54   ` Dave Horsfall
2019-11-12 23:22     ` Warner Losh [this message]
2019-11-12 23:27       ` Arthur Krewat
     [not found]     ` <alpine.DEB.2.20.1911191443530.10845@grey.csi.cam.ac.uk>
2019-11-21 20:02       ` Dave Horsfall
2019-11-21 20:38         ` Warner Losh
2019-11-21 21:04           ` Clem Cole
2019-11-21 22:06           ` Dave Horsfall
2019-11-21 21:48         ` Steffen Nurpmeso
2019-11-13  7:35 ` [TUHS] " arnold
2019-11-13 18:02   ` [TUHS] Happy birthday Morris worm [ really programming education ] Jon Steinhart
2019-11-13 18:49     ` Tyler Adams
2019-11-13 19:15     ` [TUHS] #defines and enums ron
2019-11-13 21:11       ` Warner Losh
2019-11-13 21:22     ` [TUHS] Happy birthday Morris worm [ really programming education ] Chet Ramey
2019-11-15 22:49     ` Adam Thornton
2019-11-15 23:59       ` Theodore Y. Ts'o
2019-11-12 22:39 [TUHS] buffer overflow (Re: Happy birthday Morris worm Norman Wilson
2019-11-13  1:43 ` John P. Linderman
2019-11-21 13:10   ` William Cheswick
2019-11-21 18:04     ` Steve Johnson
2019-11-21 21:51       ` John P. Linderman

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CANCZdfrnOfxV-TP09Ye15FVLKuZAAudEd=FQ-iULgE1js4ra4Q@mail.gmail.com' \
    --to=imp@bsdimp.com \
    --cc=dave@horsfall.org \
    --cc=tuhs@tuhs.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).