Date: Mon, 21 Dec 1998 10:06:28 +0100 From: sthaug@nethelp.no To: mike@smith.net.au Cc: dcs@newsguy.com, current@FreeBSD.ORG Subject: Re: BootFORTH - demo floppy Message-ID: <13401.914231188@verdi.nethelp.no> In-Reply-To: Your message of "Mon, 21 Dec 1998 00:58:00 -0800" References: <199812210858.AAA50894@dingo.cdrom.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> > > We don't like counted strings. They suck for innumerable reasons, and > > > if the only reason for having them there is "tradition" (ie. there is > > > no reason *not* to take them away) then they can damn well die. 8) > > > > Given the many buffer overflows that have been found in various Unix > > applications through the years, and the recent cleanup of string handling > > in the kernel, maybe this view should be reexamined? > > *groan* > > Counted strings aren't somehow magically immune to overflowing their > buffers. Lousy programming technique will take you from behind no > matter what technology you think you're using. Of course. But counted strings can make some buffer overflow issues more visible, and may get the programmer to *think* about this. As an example, qmail uses a library which reimplements a good bit of the string handling in stdio, using counted strings. If counted strings suck for innumerable reasons, are these reasons documented somewhere? Steinar Haug, Nethelp consulting, sthaug@nethelp.no To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?13401.914231188>