The string functions in the standard C library are lacking as well as unsafe: Some can't guarantee strings will be null-terminated, some can write past the end of buffers, overwriting other data structures or code. In the past we attempted to make string operations a bit safer by using xastir/src/snprintf.c. It was a step in the right direction but didn't go far enough. Newer compilers show hundreds of possible issues in string operations with the current Xastir code.
I propose we look for a better string library, replacing most/all of our string operations with said library. My initial proposal to the other Xastir admins was Better String Library but that may require extensive changes to the code to implement. Some current contenders (not an exhaustive list):
Here's an article comparing some of the above and listing more yet: String library comparison. Comments are welcome from anyone who has used string libraries in place of the standard C library functions.
If people feel that it'd be best to avoid the C-library functions that have inherent problems and use the safer C-library functions (perhaps with wrappers so we can keep track of buffer length and assure we always get terminating zeroes), let us know that too.
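As an added illustration of the wrapper approach described above (example code, not from the Xastir code base; the `xstr_*` names and the result struct are assumptions): each function takes the destination size, always leaves `dst` NUL-terminated, and reports truncation instead of silently dropping data, which is exactly what `strncpy`/`strcat` and an unchecked `snprintf` return value fail to do.

```c
#include <stdarg.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Outcome of a bounded string operation. */
typedef struct {
    size_t len;       /* bytes stored in dst, excluding the NUL */
    bool   truncated; /* true if the source did not fit */
} xstr_result;

/* Bounded copy: unlike strncpy, dst is always NUL-terminated. */
xstr_result xstr_copy(char *dst, size_t dst_size, const char *src)
{
    xstr_result r = {0, false};
    if (dst_size == 0) { r.truncated = (src[0] != '\0'); return r; }
    size_t n = strlen(src);
    if (n >= dst_size) { n = dst_size - 1; r.truncated = true; }
    memcpy(dst, src, n);
    dst[n] = '\0';
    r.len = n;
    return r;
}

/* Bounded append: uses only the room left after the existing string.
 * If dst is not terminated within dst_size, it is repaired and nothing
 * is appended, rather than reading or writing past the buffer. */
xstr_result xstr_cat(char *dst, size_t dst_size, const char *src)
{
    const char *end = dst_size ? memchr(dst, '\0', dst_size) : NULL;
    if (end == NULL) {
        xstr_result bad = {dst_size ? dst_size - 1 : 0, true};
        if (dst_size) dst[dst_size - 1] = '\0';
        return bad;
    }
    size_t cur = (size_t)(end - dst);
    xstr_result t = xstr_copy(dst + cur, dst_size - cur, src);
    t.len += cur;
    return t;
}

/* Bounded formatting: checks the vsnprintf return value so truncation
 * (and output errors) cannot go unnoticed by the caller. */
xstr_result xstr_fmt(char *dst, size_t dst_size, const char *fmt, ...)
{
    xstr_result r = {0, false};
    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(dst, dst_size, fmt, ap);
    va_end(ap);
    if (n < 0) { if (dst_size) dst[0] = '\0'; r.truncated = true; return r; }
    if ((size_t)n >= dst_size) { r.len = dst_size ? dst_size - 1 : 0; r.truncated = true; }
    else r.len = (size_t)n;
    return r;
}
```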
Section 6 of this is a very good read: Secure Programming HOWTO
Plus, check out the man page for asprintf() / vasprintf(), which look like good additional functions to use; they are mentioned in section 6.2.4 of the above link.
While I understand why this issue was opened, I think it should be removed as a blocker to the next release. It's still listed in the ToDo column of https://github.com/Xastir/Xastir/projects/2.