It's used by Apache httpd. I think that pretty much says everything you need to know :)
Sent from my iPhone > On Aug 28, 2015, at 6:04, Tristan Leask <tristan.le...@enghouse.com> wrote: > > Hi all, > > Not sure if this is the right place to ask or not, so sorry if it isn't. > > I am currently using the APR library in conjunction with the Active MQ CPP > connector, so that I can produce and consume topics over an Active MQ bus. > Recently I have asked to evaluate the security of our system and the > components that it uses. One of those requirements is to make sure that the > software is protected as best as it can be from buffer exploits, and one way > of doing this is to make sure that safe C libraries are being used with C > code, and that C++ code uses safe API equivalents, e.g. strncpy() to > strncpy_S(). > > Reading the APR site, it says that you take security very seriously, so I am > assuming that the library should be ok for this. I could potentially get > someone to look in to the code, but I thought it would be quicker to ask > first. > > So, any comments? > > Thanks in advance! >