[sr #107522] Use of dangerous/banned functions

Jeffrey Walton INVALID.NOREPLY at gnu.org
Wed Nov 17 01:09:00 CET 2010

Follow-up Comment #1, sr #107522 (project gnutls):

Forgot to mention....

I cited Apple's security guide because the table is compiled (so it offers
copy/paste convenience). Wheeler's security guide says about the same in more
words (Wheeler is more in depth because he also discusses other "safe"
libraries). And Microsoft has a succinct page: Security Development Lifecycle
(SDL) Banned Function Calls,

One fellow on [BuqTraq|FunSec|FullDisclosure] summed it up nicely, "there's
no reason to be using strcpy in 2010". (can't find the reference at the


Reply to this item at:


  Message sent via/by Savannah

More information about the Gnutls-devel mailing list