[Insight-developers] Policy regarding insecure APIs like strcpy() and sprintf()? Phase out?
Bill Lorensen
bill.lorensen at gmail.com
Wed May 20 19:23:27 EDT 2009
It would be a great project to remove the old c-style string routines
and move to std::string and portable string stream. I think this
should be possible, but I don't know how much work it would take.
Bill
On Wed, May 20, 2009 at 7:17 PM, Sean McBride <sean at rogue-research.com> wrote:
> Hi all,
>
> Is there a policy regarding insecure APIs like strcpy() and sprintf()?
>
> For those unfamiliar with why these functions are evil, see the
> following for a nice write-up:
> <http://developer.apple.com/documentation/security/conceptual/SecureCodingGuide/Articles/BufferOverflows.html#//apple_ref/doc/uid/TP40002577-SW10>
>
> Long ago I tried to cleanse VTK and ITK of some of these functions but
> gave up at the scope of the problem.
>
> I've recently discovered that gcc has a neat feature that can be used to
> catch the use of functions you don't want to ever use:
>
> #pragma GCC poison strcpy sprintf
>
> I tried to enable this in my own application but discovered that some of
> these functions are used in some of ITK's public headers. For example
> DICOMAppHelper.h uses strcpy() and in fact propagates its insecurity:
>
> void GetPatientName(char* name)
> {
>   strcpy(name, m_PatientName);
> }
>
> How does the implementation know that the passed 'name' buffer is big
> enough? How does the caller know how big a buffer to pass?
>
> So anyway, assuming the community agrees that these functions should be
> phased out, I thought a first step could be phasing them out of public
> headers, so that client apps like mine can at least use 'gcc poison' to
> cleanse our own code.
>
> Any thoughts?
>
> Cheers,
>
> --
> ____________________________________________________________
> Sean McBride, B. Eng sean at rogue-research.com
> Rogue Research www.rogue-research.com
> Mac Software Developer Montréal, Québec, Canada
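The two replacements the thread proposes, shown side by side as an added example (not ITK code and not from either poster): a class with the same shape as the quoted GetPatientName(char*) accessor, rewritten to return std::string, plus a bounded char* overload for callers that cannot change yet, and a std::ostringstream in place of sprintf. The PatientRecord class, its FormatTag method and the sample name are assumptions made up for this example; the `#pragma GCC poison` line at the top is the mechanism Sean describes, and it turns any remaining strcpy/sprintf call in this translation unit into a compile error.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <iomanip>
#include <iostream>
#include <sstream>
#include <string>
#include <utility>

// Poison the routines the thread wants phased out. Headers are included
// first so the pragma only fires on uses in this file, not in libc macros.
#if defined(__GNUC__)
#pragma GCC poison strcpy sprintf
#endif

// Hypothetical stand-in for the DICOMAppHelper-style class quoted above.
class PatientRecord
{
public:
  explicit PatientRecord(std::string name) : m_PatientName(std::move(name)) {}

  // Preferred replacement: return by value, so there is no caller-supplied
  // buffer whose size the implementation would have to guess.
  std::string GetPatientName() const { return m_PatientName; }

  // Bounded C-string overload for callers that still need char*. The caller
  // passes the buffer size; the output is always NUL-terminated and is
  // truncated rather than overflowed. Returns false when truncation happened.
  bool GetPatientName(char* name, std::size_t size) const
  {
    if (name == nullptr || size == 0) return false;
    const std::size_t n = std::min(size - 1, m_PatientName.size());
    std::memcpy(name, m_PatientName.data(), n);
    name[n] = '\0';
    return n == m_PatientName.size();
  }

  // sprintf replacement: a portable string stream builds the formatted text
  // and std::string owns the storage, so no fixed-size buffer can be overrun.
  // Produces e.g. "(0010,0010) Doe^John" for a DICOM-style tag.
  std::string FormatTag(unsigned group, unsigned element) const
  {
    std::ostringstream out;
    out << '(' << std::hex << std::uppercase << std::setfill('0')
        << std::setw(4) << group << ',' << std::setw(4) << element << ") "
        << m_PatientName;
    return out.str();
  }

private:
  std::string m_PatientName;
};

int main()
{
  const PatientRecord record("Doe^John"); // constructed sample value
  char small[4];                          // deliberately too small
  const bool fit = record.GetPatientName(small, sizeof(small));
  std::cout << record.GetPatientName() << '\n'
            << small << " (truncated: " << (fit ? "no" : "yes") << ")\n"
            << record.FormatTag(0x0010, 0x0010) << '\n';
  return 0;
}
```

The bounded overload keeps the char* interface a client application may still depend on while making the size an explicit part of the contract, which is exactly the information the quoted one-argument version has no way to obtain.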