From: Brett Glass
To: Paul Hart, freebsd-security@FreeBSD.ORG
Date: Thu, 15 Jul 1999 11:11:22 -0600
Subject: Re: OpenBSD's strlcpy(3) and strlcat(3)

When I met him at Def Con, Mike Smith pooh-poohed Theo's presentation. I've looked it over on my own, however, and think that Theo has some good points. In particular, the notion that one should be able to detect and react to unexpected truncation of a string is a good one. I'd like to see these functions in FreeBSD's standard libraries, and to see them used in FreeBSD's kernel and userland.

--Brett

At 10:47 AM 7/15/99 -0600, Paul Hart wrote:

>I was just reviewing the proceedings from the USENIX 1999 Annual Technical
>Conference where Todd Miller and Theo de Raadt presented a paper on two
>new functions that OpenBSD has integrated into libc. The new functions,
>strlcpy(3) and strlcat(3), are intended to provide an easily understood
>means of safe string copying and concatenation to programmers. Of course,
>strcpy(3) and strcat(3) have obvious dangers, but their standardized
>intended replacements, strncpy(3) and strncat(3), suffer from some subtle
>dangers as well that can trip up even experienced programmers.
>
>I was impressed by the paper and wondered if anyone besides myself would
>be amenable to including them in FreeBSD's libc. Are there members of the
>FreeBSD core and community that would be interested in importing these new
>functions? The semantics of strncpy(3) and strncat(3) have struck me as
>warts on the C standard for some time. I'm not sure what debate took
>place on the standardization committee, but whatever it was seems to have
>produced some strange results.
>
>If you are a USENIX member you can access the text of the paper at:
>
> http://www.usenix.org/events/usenix99/millert.html
>
>Paul Hart
>
>--
>Paul Robert Hart ><8> ><8> ><8> Verio Web Hosting, Inc.
>hart@iserver.com ><8> ><8> ><8> http://www.iserver.com/
>
>To Unsubscribe: send mail to majordomo@FreeBSD.org
>with "unsubscribe freebsd-security" in the body of the message
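
Added example, not part of the original message and not OpenBSD's libc source: a C sketch of the strlcpy(3)/strlcat(3) semantics discussed in this thread, showing how the return value lets a caller detect and react to truncation, beside the strncpy(3) case that leaves a buffer without a terminating NUL. The names ex_strlcpy, ex_strlcat, build_path and strncpy_leaves_unterminated are hypothetical, and the inputs are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Sketch of strlcpy(3) semantics (hypothetical name ex_strlcpy): copy at most
 * size-1 bytes, NUL-terminate whenever size > 0, return strlen(src). */
size_t ex_strlcpy(char *dst, const char *src, size_t size) {
    size_t srclen = strlen(src);
    if (size > 0) {
        size_t n = srclen < size - 1 ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Sketch of strlcat(3) semantics (hypothetical name ex_strlcat): size is the
 * full size of dst; returns the length the joined string needed. */
size_t ex_strlcat(char *dst, const char *src, size_t size) {
    const char *end = memchr(dst, '\0', size);
    size_t dlen = end ? (size_t)(end - dst) : size;
    if (dlen == size)               /* dst has no NUL within size bytes */
        return size + strlen(src);
    return dlen + ex_strlcpy(dst + dlen, src, size - dlen);
}

/* Build "dir/file" in out. A result >= outsz means truncation: return -1. */
int build_path(char *out, size_t outsz, const char *dir, const char *file) {
    if (ex_strlcpy(out, dir, outsz) >= outsz) return -1;
    if (ex_strlcat(out, "/", outsz) >= outsz) return -1;
    if (ex_strlcat(out, file, outsz) >= outsz) return -1;
    return 0;
}

/* strncpy(3) pitfall: returns 1 if an 8-byte buffer ends up with no NUL. */
int strncpy_leaves_unterminated(const char *src) {
    char buf[8];
    memset(buf, 'X', sizeof buf);
    strncpy(buf, src, sizeof buf);  /* no NUL when strlen(src) >= 8 */
    return memchr(buf, '\0', sizeof buf) == NULL;
}

int main(void) {
    char path[8];                   /* constructed sample input below */
    int rc = build_path(path, sizeof path, "/etc", "passwd");
    printf("rc=%d path=\"%s\"\n", rc, path);
    printf("unterminated=%d\n", strncpy_leaves_unterminated("12345678"));
    return 0;
}
```

Comparing the return value against the buffer size is the whole truncation check; with strncpy(3) the caller gets no such signal and must terminate the buffer by hand.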