Clearing sensitive in-memory data in perl
Roy M. Silvernail
roy at rant-central.com
Sat Sep 17 14:18:54 EDT 2005
Quoting Adam Shostack <adam at homeport.org>:
> I recall that for a while if you used gets, the linker would
> complain. I can't recall what platform this was on. BSDi, maybe?
There used to be a fairly standard set of #defines along this line that were
added to <stdio.h> or some other standard header file. Something like
#define strcpy DONT_USE_STRCPY
#define strncpy DONT_USE_STRNCPY
#define strcat DONT_USE_STRCAT
#define strncat DONT_USE_STRNCAT
#define gets DONT_USE_GETS
#define sprintf DONT_USE_SPRINTF
I don't think it was standard in any platform, though. More of an ad hoc
measure.
--
Roy M. Silvernail is roy at rant-central.com, and you're not
"It's just this little chromium switch, here." - TFT
SpamAssassin->procmail->/dev/null->bliss
http://www.rant-central.com
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list