Unsafe Functions In C And Their Safer Replacements: Strings Part I
Tuesday, November 4th, 2008Subscribe To Our Feed | Follow Us On Twitter | Get Updates on Email
A string is a fundamental part of programs all around us. Data exchange in many forms happens in strings (e.g. user input, command line arguments, web forms, text protocols and what not.) But most programs written in C are plagued by security issues because of their usage of unsafe functions. A string is not a built-in data type in C, instead it is termed as a continguous sequence of characters terminated by a NULL character (‘\0’). Now, many of the “standard” string manipulation functions written in early part of C development took this definition by heart, assumed that a programmer always knows what he is doing (though I agree that this MUST be true), and put out a code meant to be used in an everyone-is-good world. Subsequently, the shortcomings were noticed, stronger sibling functions were created but the older ones are still supported because they are “standard”. This means that naive programmers continue to use them and put their programs’ security into jeopardy. This series will do an in-depth analysis of such unsafe functions, tell you why they are unsafe, and bring out what alternatives you have in-built and what alternatives you can create.
Our first candidate is the very famous “strcpy()”. Lets see why it is unsafe.
© Safer Code | Unsafe Functions In C And Their Safer Replacements: Strings Part I
|
Liked this post? Get FREE Updates Subscribe to RSS feed 
|
