[cfe-dev] C++ Annex K safe C11 functions

Joerg Sonnenberger via cfe-dev cfe-dev at lists.llvm.org
Tue Mar 5 07:17:06 PST 2019


On Mon, Mar 04, 2019 at 04:00:17PM -0500, <Alexander G. Riccio> via cfe-dev wrote:
> I would *very* much like to see some kind of minimal compiler support for
> the bounds checking functions - memcpy_s, memmove_s, strcpy_s, strncpy_s,
> strcat_s - since overruns in their non-bounds-checked equivalents have been
> responsible for hundreds of security vulnerabilities over the years. It
> doesn't have to be fully annex K compliant for my concerns, just has to
> obey the buffer boundaries. Some kind of minimal compiler support would
> also make cross platform programming much easier, since as of right now I
> use the bounds checking versions in code compiled for MSVC, and have to
> either #ifdef it out or lose the extra checking.

It has been mentioned in a recent thread about fortify, but what exactly
do you *miss* for implementing them on top of the existing
__builtin_object_size? That's what can already be used to implement
_FORTIFY=2 and I don't think Annex K is much different beyond all the
runtime crash junk.

Joerg
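One way to build an Annex K-style bounds-checked copy on top of __builtin_object_size, in the fortify manner the reply points to, as an added example that is not code from this thread, from clang, or from any libc; the names bc_memcpy_s and bc_memcpy_s_impl are hypothetical, and the block assumes GCC or Clang (MSVC has no __builtin_object_size):

```c
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define BC_RSIZE_MAX ((size_t)SIZE_MAX >> 1)   /* plays the role of Annex K RSIZE_MAX */

/* Runtime-checked core. Returns 0 on success, EINVAL/ERANGE on a constraint
 * violation. On violation the destination is zeroed (as Annex K specifies), so a
 * caller that ignores the return value cannot keep using stale bytes.
 * 'known' is the destination size as seen by the compiler, or (size_t)-1. */
static int bc_memcpy_s_impl(void *s1, size_t s1max, const void *s2, size_t n, size_t known)
{
    if (s1 == NULL || s1max > BC_RSIZE_MAX)
        return EINVAL;
    if (known != (size_t)-1 && s1max > known) {
        memset(s1, 0, known);            /* caller overstated s1max: zero only what exists */
        return ERANGE;
    }
    int overlap = (const char *)s2 < (char *)s1 + n && (char *)s1 < (const char *)s2 + n;
    if (s2 == NULL || n > BC_RSIZE_MAX || n > s1max || overlap) {
        memset(s1, 0, s1max);
        return s2 == NULL ? EINVAL : ERANGE;
    }
    memcpy(s1, s2, n);
    return 0;
}

/* Fortify-style front end: __builtin_object_size(s1, 0) folds to the real size of
 * the destination when the compiler can see the object, else to (size_t)-1. */
#define bc_memcpy_s(s1, s1max, s2, n) \
    bc_memcpy_s_impl((s1), (s1max), (s2), (n), __builtin_object_size((s1), 0))

/* Reports whether the builtin resolves a local array's size in this build. */
int bc_dest_size_known(void) { char probe[4]; return __builtin_object_size(probe, 0) == 4; }

/* Constructed sample inputs exercising the three interesting paths. */
int demo_ok(void)                    /* in-bounds copy succeeds */
{
    char dst[8]; const char src[] = "abcdefg";
    return bc_memcpy_s(dst, sizeof dst, src, sizeof src) == 0 && memcmp(dst, src, sizeof src) == 0;
}
int demo_too_long(void)              /* n exceeds s1max: ERANGE and dst zeroed */
{
    char dst[4] = "xyz"; const char src[] = "abcdefg";
    return bc_memcpy_s(dst, sizeof dst, src, sizeof src) == ERANGE && dst[0] == 0 && dst[3] == 0;
}
int demo_wrong_s1max(void)           /* caller claims 64 bytes; the builtin knows it is 4 */
{
    char dst[4] = "xyz"; const char src[] = "ab";
    return bc_memcpy_s(dst, 64, src, sizeof src) == ERANGE && dst[0] == 0;
}
```

The third case is the one plain runtime checking cannot catch: the caller's s1max is wrong, and only the compiler-derived object size exposes it.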