On Wed, 5 Oct 2011, Nigel Metheringham wrote: > On 5 Oct 2011, at 06:00, Phil Pennock wrote: > > >> OpenBSD also suggests: > >> > >> strcpy() is almost always misused, please use strlcpy() > >> sprintf() is often misused, please use snprintf() > >> strcat() is almost always misused, please use strlcat() > >> > >> in a few places. Details on request. > > > > Is often mis-used, but is not in Exim. They've been very carefully > > checked, on multiple occasions. strlcpy/strlcat are excellent functions > > which I use myself in new code, where I'm prepared to state "the porter > > has to provide a libc with them, or add the functions". In this case, > > Exim is handling the strings just fine. > > Is there a magic comment form that we can put around those areas of code > to let the compiler/checker know we did mean this and its OK (ie turning > off lint)? > > If so is it worth us quieting this particular build noisiness?
If not, I'd say it worth note the non-issue on a developer webpage/wiki, so the next time someone asks (or someone casually reviewing the code starts raving about not using strlcpy etc) they can be directed to it. There is a current brief related comment in the Exim spec, but you probably wouldn't come across it unless you were looking hard. Jethro. . . . . . . . . . . . . . . . . . . . . . . . . . Jethro R Binks, Network Manager, Information Services Directorate, University Of Strathclyde, Glasgow, UK The University of Strathclyde is a charitable body, registered in Scotland, number SC015263. -- ## List details at https://lists.exim.org/mailman/listinfo/exim-users ## Exim details at http://www.exim.org/ ## Please use the Wiki with this list - http://wiki.exim.org/
