[1084] in bugtraq
Re: NCSA httpd 1.3
daemon@ATHENA.MIT.EDU (Ken Hardy)
Fri Feb 24 19:24:29 1995
Date: Fri, 24 Feb 1995 15:46:56 -0600
From: Ken Hardy <ken@bridge.com>
To: Dan_Thorson@notes.seagate.com
Cc: bugtraq@fc.net
>However, perhaps another rule:
> Avoid using strncat(dest, src, n) or strncpy(dest, src, n), etc, as they
> _also_ do no checking on the max length of "dest", although 'n' can be
> properly calculated & make them safe.
>
>Perhaps, instead, it's time to write a new series of string manipulators....
>ones that do the following:
>1) Behave similarly to the existing functions (like sprintf(), strncat(),
> strncpy()), but take an additional argument "destlen", which is (of course)
> the max length of the destination string.
>2) Do the string-function, but if the "dest" string will be overrun, return an
> error code AND post to the syslog function.
Seems like this is begging for a "safe" string class for C++; I'm sure
that length-safe classes exist. Subclass off that for "safer" classes
to handle the special characters a la the latest sendmail brouhaha.
[I conveniently ignore the fact that all the common source base out
there is C (probably a lot of it not even ANSI), and the increased
opportunities that C++ gives for obfuscated code.]
-- KH
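
The "destlen" functions proposed in the quoted text can be sketched in plain C. This is an added example, not code from either poster; the names `checked_strncpy` and `checked_strncat`, the return codes, and the choice to leave "dest" untouched on overrun are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>
#include <syslog.h>

/* Hypothetical names and return codes, chosen for this example. */
enum { STR_OK = 0, STR_OVERRUN = -1, STR_BADARG = -2 };

/* Length of s, examining at most max bytes. */
static size_t bounded_len(const char *s, size_t max)
{
    const char *end = memchr(s, '\0', max);
    return end ? (size_t)(end - s) : max;
}

/* Shared worker: place up to n bytes of src at dest[used] and terminate
 * inside destlen bytes. On overrun, log and leave dest untouched. */
static int put(const char *fn, char *dest, size_t destlen, size_t used,
               const char *src, size_t n)
{
    size_t room = destlen - used;            /* bytes left, NUL included */
    size_t srclen = bounded_len(src, n < room ? n : room);
    if (srclen >= room) {
        syslog(LOG_WARNING, "%s: refused write past %zu-byte buffer",
               fn, destlen);
        return STR_OVERRUN;
    }
    memcpy(dest + used, src, srclen);
    dest[used + srclen] = '\0';
    return STR_OK;
}

int checked_strncpy(char *dest, size_t destlen, const char *src, size_t n)
{
    if (!dest || !src || destlen == 0)
        return STR_BADARG;
    return put("checked_strncpy", dest, destlen, 0, src, n);
}

int checked_strncat(char *dest, size_t destlen, const char *src, size_t n)
{
    size_t used;
    if (!dest || !src || destlen == 0)
        return STR_BADARG;
    used = bounded_len(dest, destlen);
    if (used == destlen)                     /* dest has no NUL in bounds */
        return STR_BADARG;
    return put("checked_strncat", dest, destlen, used, src, n);
}
```

Unlike strncpy(), the result is always NUL-terminated, and a caller that ignores the return code still cannot write past "destlen".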