Clearing sensitive in-memory data in perl

Roy M. Silvernail roy at rant-central.com
Sat Sep 17 14:18:54 EDT 2005


Quoting Adam Shostack <adam at homeport.org>:

> I recall that for a while if you used gets, the linker would
> complain.  I can't recall what platform this was on.  BSDi, maybe?

There used to be a fairly standard set of #defines along this line that were
added to <stdio.h> or some other standard header file.  Something like

#define strcpy          DONT_USE_STRCPY
#define strncpy         DONT_USE_STRNCPY
#define strcat          DONT_USE_STRCAT
#define strncat         DONT_USE_STRNCAT
#define gets            DONT_USE_GETS
#define sprintf         DONT_USE_SPRINTF

I don't think it was standard in any platform, though. More of an ad hoc
measure.
-- 
Roy M. Silvernail is roy at rant-central.com, and you're not
"It's just this little chromium switch, here." - TFT
SpamAssassin->procmail->/dev/null->bliss
http://www.rant-central.com

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com



More information about the cryptography mailing list