Re: Stack growth direction to thwart buffer overflow attacks

From: Casper H.S. Dik (Casper.Dik_at_Sun.COM)
Date: 08/20/03 

Date: 20 Aug 2003 18:34:29 GMT

Frank Cusack <fcusack@fcusack.com> writes:

>I stand by my point; it's hard to get this right, and secondly, strn*
>are not the best design. Why does strncpy() not null-terminate while
>strncat() does? blah. C lends itself to these kinds of errors.

That we all agree on; the fact that strncat() and strncpy both
copy "n" bytes from the source but that one appends a NUL and the
other may not as well as the zero filling done by strncpy(), all
very confusing. (Strncpy is a very convenient function for
putting strings in fixed size database records as in lastlogin/utmp/utmpx;
but it's not useful for anything else; it needs both weird properties
for that function)

>Even Solaris (apparently) had a nasty snprintf() bug.
>http://www.gnu.org/manual/autoconf/html_node/autoconf_45.html

Indeed, stuff breaks (though I can't find any record of the first S7
bug)

>Looking at the Solaris docs, they very closely match C99. Why FBSD
>(and H&S) just didn't quote C99 directly I don't understand. The C99
>doc is quite understandable. Maybe it's just hindsight.

Historical, I'm sure. Solaris documentation in many places closely
follows UNIX98 which is probably where most of the C99 verbiage came
from.

Casper 

-- 
Expressed in this posting are my opinions.  They are in no way related
to opinions held by my employer, Sun Microsystems.
Statements on Sun products included here are not gospel and may
be fiction rather than truth.