[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Re[2]: Rep:Rep:Re: Rep:Re: [f-cpu] Stack handling
On Wed, Jul 24, 2002 at 11:43:50PM +0200, Christian M. Schubert wrote:
[...]
> IMHO Zero terminated strings are the root of all evil. Explicit length
> specification would require an additional parameter per passed string
> (that seems to be a pain in the a** for some guys) but seems to be
> getting more popular (at least in the newer functions in the Windows
> API some functions require you to pass pointer to a string and the
> length). That makes it far more easier to check for buffer overflows
> (but still needs extra code to be written what most programmers tend
> to avoid if possible). [...]
Do you remember the latest BIND resolver bug (some weeks ago)? They *did*
use a pointer and a length, and then forgot to update one of them.
I guess the root of all evil is lazy programmers. Or too many
programmers working on the same project at the same time.
--
Michael "Tired" Riepe <Michael.Riepe@stud.uni-hannover.de>
"All I wanna do is have a little fun before I die"
*************************************************************
To unsubscribe, send an e-mail to majordomo@seul.org with
unsubscribe f-cpu in the body. http://f-cpu.seul.org/