Date: Tue, 23 Nov 1999 14:15:52 -0800 (PST) From: Kris Kennaway <kris@hub.freebsd.org> To: peter.jeremy@alcatel.com.au Cc: current@FreeBSD.ORG Subject: Re: FreeBSD security auditing project. Message-ID: <Pine.BSF.4.21.9911231412030.46173-100000@hub.freebsd.org> In-Reply-To: <99Nov24.075703est.40331@border.alcanet.com.au>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 24 Nov 1999, Peter Jeremy wrote: > >> o unsafe use of the str*(3) functions; strcat/strcpy/sprintf &c. > > > >I wonder how many instances of the potentially unsafe functions there are > >in the source tree? :) > > A 'grep | wc' equivalent over the source tree gives: > > gets 110 > strcat 2860 > strcpy 4717 > strncat 167 > strncpy 1514 > sprintf 6839 > vsprintf 133 *ouch* :-) > And these are the easy ones... Indeed :-( Kris ---- Cthulhu for President! For when you're tired of choosing the _lesser_ of two evils.. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.9911231412030.46173-100000>