[reSIProcate] Visual Studio 2005 compilation warnings of 1.4 branch
Max Bowsher
maxb at f2s.com
Fri Dec 5 16:57:08 CST 2008
Matthias Moetje wrote:
> Adam,
>
> I wanted to add a few more comments on the strdup issue.
>
> strdup was not replaced by _strdup due to security concerns.
> This function is never unsecure because it does not write to
> an existing buffer, instead it creates and returns a new
> buffer, so buffer overruns (at least) will never occur.
>
> The reason why it was replaced is that strdup (and similar
> functions) do not conform to the ISO C++ standard because
> functions starting with 'str' are reserved and strdup does
> not belong to the standard (at least the '99 one).
> While I think it is a noble goal by MS to be more standards
> compliant I think this decision is silly because it create
> more cross-platform issues as it solves...
> It remains interesting, though, if other compilers will
> Follow this route ;-)
strdup is standardized by POSIX though, as well as dating back to SVr4
and 4.3BSD according to Linux man-pages, so Microsoft's behaviour on
this seems to be just foisting an incompatible and uglier name on us for
zero concrete advantage. :-/
> The other really important change to many of the string functions
> is the introduction of the secure string functions, suffixed
> with '_s'.
> I would be interested in replacing all these functions with
> their secure counterparts in the next year.
>
> The platform compatibility could be easily achieved by creating
> a few wrapper functions included in a define which will call
> the unsecure counterparts on platforms where the secure versions
> are available.
> The benefit of this is obvious...
>
> Does anybody know about non-Windows platforms, are there libraries
> with these secure functions already?
I'm not aware of any. I reckon that there's a fair chance that if anyone
else set out to create safer string functions for Unix, they'd probably
do it without Microsoft's Excessive Underscore Disease too :-)
Max.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 197 bytes
Desc: OpenPGP digital signature
URL: <http://list.resiprocate.org/pipermail/resiprocate-devel/attachments/20081205/942e6fda/attachment.sig>
More information about the resiprocate-devel
mailing list