[Vortex] Safe string functions

Francis Brosnan Blazquez francis at aspl.es
Mon Apr 14 11:15:26 CEST 2008


Hi Robert,

> Hi, I just scanned the vortex source code and only found one reference to  
> "sprintf_s", one of the new safe *_s stdlib functions. Seeing all these  
> buffer overflows etc. problems coming up every day in different apps I  
> think it makes sense to make vortex lib as safe as possible.
> 
> I'm using the "Managed String Library" from CERT  
> (http://www.cert.org/secure-coding/managedstring.html) and it's definitely  
> a useful step.
> 
> What do you think? How about making Vortex lib safe by going through the  
> code and making use of managed strings?

My first impression is that using a managed implementation does not
provide safety per se.

We have worked to remove all dependencies on external projects we think
tend to provide bad results, to write clean implementations that are
checked against regression tests (with tools like valgrind) which not
only ensure we don't leak, but that all memory accesses are properly done.

As a side effect, this allows us to provide fast patches if something
goes wrong. Otherwise, this wouldn't be possible.

For us, safety comes from constant work checking all APIs introduced
as much as possible and then running regression tests under different
environments.

In fact, as you have noted, every time a patch fixing a bug is posted,
first a regression test is created to reproduce and check the fix. But
more important, the fix is not only checked at feature level, but also
for whether it leaks or has proper memory access.

In any case, thanks for taking the time to post this information.
Cheers!

-- 
Francis Brosnan Blazquez <francis at aspl.es>
Advanced Software Production Line, S.L.
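The thread above contrasts "safe" string replacements with the approach of bounded writes checked by regression tests run under valgrind. The following is an added example, not Vortex code and not from either poster: it shows the kind of bounded-append helper a C library author writes when avoiding sprintf, the truncation pitfall that snprintf's return value creates, and a caller that composes a line from attacker-controlled fields without ever overrunning its buffer. The function names, the "user@host: msg" format and the inputs are all constructed for illustration.

```c
#include <stdarg.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/*
 * The 'before' shape of the bug: sprintf trusts the caller's buffer to be
 * large enough. Not called below; a regression test that fed it a long
 * `user` would be flagged by valgrind or AddressSanitizer as an out-of-bounds
 * write, which is the kind of check the mail above describes.
 */
static void compose_line_unsafe(char *out, const char *user,
                                const char *host, const char *msg)
{
    sprintf(out, "%s@%s: %s", user, host, msg);
}

/*
 * Bounded append into a fixed buffer. `*used` tracks bytes already written
 * (excluding the NUL). Returns 0 on success, -1 when the output did not fit;
 * on -1 the buffer is still NUL-terminated and `*used` is clamped so a
 * later append cannot compute a wrapped `cap - *used`.
 *
 * Pitfall guarded against: snprintf returns the length the full output WOULD
 * have had, so the common pattern
 *     used += snprintf(buf + used, cap - used, ...);
 * lets `used` run past `cap`; `cap - used` then wraps to a huge size_t and
 * the next call writes out of bounds despite using the "safe" function.
 */
static int bounded_append(char *buf, size_t cap, size_t *used,
                          const char *fmt, ...)
{
    if (cap == 0 || *used >= cap)
        return -1;

    va_list ap;
    va_start(ap, fmt);
    int n = vsnprintf(buf + *used, cap - *used, fmt, ap);
    va_end(ap);

    if (n < 0)
        return -1;                      /* encoding error */
    if ((size_t)n >= cap - *used) {     /* did not fit: output truncated */
        *used = cap - 1;
        return -1;
    }
    *used += (size_t)n;
    return 0;
}

/*
 * Compose "<user>@<host>: <msg>" into a caller-provided buffer. Returns the
 * number of bytes written (without the NUL), or -1 if any field was
 * truncated. Every field goes through the checked append, so no length of
 * user/host/msg can overrun `out`, and `out` is always NUL-terminated.
 */
static long compose_line(char *out, size_t cap, const char *user,
                         const char *host, const char *msg)
{
    size_t used = 0;
    if (cap == 0)
        return -1;
    out[0] = '\0';
    if (bounded_append(out, cap, &used, "%s", user) != 0 ||
        bounded_append(out, cap, &used, "@%s", host) != 0 ||
        bounded_append(out, cap, &used, ": %s", msg) != 0)
        return -1;
    return (long)used;
}

int main(void)
{
    char buf[32];
    /* Constructed input: a field far longer than the 32-byte buffer. */
    const char *long_user = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA";

    long n = compose_line(buf, sizeof buf, "alice", "example", "ok");
    printf("rc=%ld \"%s\"\n", n, buf);

    n = compose_line(buf, sizeof buf, long_user, "example", "ok");
    printf("rc=%ld (truncated, still terminated) \"%s\"\n", n, buf);
    return 0;
}
```

The truncation path is the one worth a regression test: the caller must treat -1 as a failure of the whole operation rather than send a silently shortened line, and running the test under valgrind confirms that neither the success nor the truncation path touches a byte outside `out`.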