On Tue, 12 Nov 2019 15:56:15 -0500 Norman Wilson
<norman(a)oclsc.org> wrote:
My longer-term reaction was to completely drop my sloppy
old habit (common in those days not just in my code but in
that of many others) of ignoring possible buffer overflows.
I find it mind-boggling that people still make that mistake;
it has been literal decades since the lesson was rubbed in
our community's collective noses. I am very disappointed
that programming education seems not to care enough about
this sort of thing, even today.
Unfortunately strcpy & other buffer overflow friendly
functions are still present in the C standard (I am looking at
n2434.pdf, draft of Sept 25, 2019). Is C really not fixable?
Someone needs to do Strcpy() etc that have the length in the
first bytes[s] of the string.
--
---
Larry McVoy lm at