[CrackMonkey] Another nail in the Pine coffin
Mr. Bad
mr.bad at pigdog.org
Sat Sep 30 20:02:53 PDT 2000
>>>>> "PJC" == Paul J Collins <sneakums at eircom.net> writes:
PJC> Your contrived example does not prove that every use of those
PJC> functions in Pine is safe and not prone to buffer overflows.
Well, did anyone say they were? He just said that careful use of the
functions can avoid B.O.
I find the idea that programs that use strcpy, strcat and sprintf are
fundamentally insecure to be ABSURD.
PJC> By the way, use of the integer constant 0 for '\0' is not a
PJC> good idea. Say what you mean.
Yeah, but it's also extremely widespread C usage. Sure, it's a pain
for people doing new multi-byte character set ports, but fuck
them. 7-bit character types were good enough for my father, and
they're good enough for me!
~Mr. Bad
--
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
/\____/\ Mr. Bad <mr.bad at pigdog.org>
\ / Pigdog Journal | http://pigdog.org/ | *Stay*Real*Bad*
| (X \x)
( ((**) "If it's not bad, don't do it.
\ <vvv> If it's not crazy, don't say it."
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
More information about the Crackmonkey
mailing list