Sam Gentile

Posts: 1605
Nickname: managedcod
Registered: Sep, 2003

Sam Gentile is a Microsoft .NET Consultant who has been working with .NET since the earliest
Why do unsafe functions still exist? Posted: Apr 20, 2004 3:08 PM

This post originated from an RSS feed registered with .NET Buzz by Sam Gentile.
Original Post: Why do unsafe functions still exist?
Feed Title: Sam Gentile's Blog
Feed URL: http://samgentile.com/blog/Rss.aspx
Feed Description: .NET and Software Development from an experienced perspective - .NET/CLR, Rotor, Interop, MC+/C++, COM+, ES, Mac OS X, Extreme Programming and More!

Greggm asks the $64,000 question re C++ in his rant: “One thing that I fail to understand is why, in 2004, we still have code that uses strcat, strcpy, sprintf or any of the other string functions that don’t take a buffer size input. Microsoft, Open source, etc all still use these functions. Why?”

That's a real good question and one that Microsoft is helping to change forever. As Michael Howard notes though “The safer alternatives do not replace the old functionality. In other words, strcpy is still strcpy.” At least there will be compiler warnings in Microsoft's compilers but they are still there. I agree with GregM that they need to be removed from the CRT but I am not sure that could be done as it would break the whole world. The better question is why do C++ programmers still use obviously dangerous functions? The answers are stupidity, ignorance of security issues, and lots of existing code. Let's take the last one first. To insist that there is a lot of C/C++ code that uses these library calls in my code or my project's code is not an answer. Code that is not constantly being refactored just smells. There is no excuse. If you know your code is wrong and prone to security issues, write unit tests and fix it! Period.

Going to the stupidity issue, there are some C++ programmers, like other programmers, who don't understand what they are doing when they write using these functions. It is their job to keep up with the C++ state of the art and know that, in 2004, there are correct and safe replacements. And universally there is not yet good awareness down to the average developer of good security techniques and it's not a priority for them or even their company. My view is this: if I am leading a team that involves unmanaged C++ code in any way, actually any technology or language, I would and will make it a part of every developer's code deliverable that the piece is designed and reviewed for security issues, as well as having an accompanying unit test or it just doesn't get checked in. Period.
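Added example, not code from the post or from either blog it quotes: the unbounded strcpy/sprintf pattern the post objects to, next to bounded replacements that take the destination size and report truncation instead of writing past the buffer. The helper names copy_unbounded, copy_bounded and format_greeting are made up for this illustration.

```c
#include <stdio.h>
#include <string.h>
#include <stddef.h>

/* Result of the bounded helpers (hypothetical names for this example). */
enum copy_status { COPY_OK = 0, COPY_TRUNCATED = 1, COPY_BAD_ARG = 2 };

/* The pattern the post complains about: no size parameter, so the callee
   cannot know how large dst is. It is only correct when every caller
   guarantees strlen(src) < sizeof(dst), which nothing here enforces. */
static void copy_unbounded(char *dst, const char *src)
{
    strcpy(dst, src);
}

/* Bounded copy: the caller passes the destination capacity. The result is
   always NUL-terminated and the caller learns whether it was cut short. */
static enum copy_status copy_bounded(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return COPY_BAD_ARG;
    size_t n = strlen(src);
    if (n >= dst_size) {               /* would not fit with its terminator */
        memcpy(dst, src, dst_size - 1);
        dst[dst_size - 1] = '\0';
        return COPY_TRUNCATED;
    }
    memcpy(dst, src, n + 1);           /* copy including the terminator */
    return COPY_OK;
}

/* Bounded formatting: snprintf takes the size that sprintf lacks, and its
   return value says how many characters the full output would have needed. */
static enum copy_status format_greeting(char *dst, size_t dst_size, const char *name)
{
    if (dst == NULL || name == NULL || dst_size == 0)
        return COPY_BAD_ARG;
    int needed = snprintf(dst, dst_size, "Hello, %s!", name);
    if (needed < 0)
        return COPY_BAD_ARG;
    return ((size_t)needed >= dst_size) ? COPY_TRUNCATED : COPY_OK;
}

int main(void)
{
    char small[8];
    copy_unbounded(small, "abc");      /* fits only because the input is short */
    printf("unbounded: %s\n", small);
    printf("bounded: status=%d text=%s\n",
           copy_bounded(small, sizeof small, "0123456789"), small);
    printf("greeting: status=%d text=%s\n",
           format_greeting(small, sizeof small, "Sam"), small);
    return 0;
}
```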
