[TUHS] buffer overflow (Re: Happy birthday Morris worm

Warner Losh imp at bsdimp.com
Fri Nov 22 06:38:37 AEST 2019

On Thu, Nov 21, 2019 at 1:02 PM Dave Horsfall <dave at horsfall.org> wrote:

> On Tue, 19 Nov 2019, Tony Finch wrote:
> > Amusingly POSIX says the C standard takes precedence wrt the details of
> > gets() (and other library functions) and C18 abolished gets(). I'm
> > slightly surprised that the POSIX committee didn't see that coming and
> > include the change in the 2018 edition...
> Didn't know that gets() had finally been abolished; it's possibly the most
> unsafe function (OK, macro) on the planet.  I've long been tempted to
> remove gets() and see what breaks...

A few things actually broke when FreeBSD removed it. Apart from 'wrappers'
that needed it for various reasons, it was only a few programs in our
'ports' package that needed to be corrected.

Most people have moved on with the 20 years of warnings when it was used...
Sadly only most...

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://minnie.tuhs.org/pipermail/tuhs/attachments/20191121/becba6e9/attachment.html>

More information about the TUHS mailing list