[TUHS] buffer overflow (Re: Happy birthday Morris worm
imp at bsdimp.com
Fri Nov 22 06:38:37 AEST 2019
On Thu, Nov 21, 2019 at 1:02 PM Dave Horsfall <dave at horsfall.org> wrote:
> On Tue, 19 Nov 2019, Tony Finch wrote:
> > Amusingly POSIX says the C standard takes precedence wrt the details of
> > gets() (and other library functions) and C18 abolished gets(). I'm
> > slightly surprised that the POSIX committee didn't see that coming and
> > include the change in the 2018 edition...
> Didn't know that gets() had finally been abolished; it's possibly the most
> unsafe function (OK, macro) on the planet. I've long been tempted to
> remove gets() and see what breaks...
A few things actually broke when FreeBSD removed it. Apart from 'wrappers'
that needed it for various reasons, it was only a few programs in our
'ports' package that needed to be corrected.
Most people have moved on with the 20 years of warnings when it was used...
Sadly only most...
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the TUHS