Usage of Secure C (memcpy_s, strcpy_s etc) functions on OpenSSL
Paul Smith
paul at mad-scientist.net
Wed Nov 27 15:06:44 UTC 2019
On Tue, 2019-11-26 at 23:47 +0000, Jordan Brown wrote:
> Here's a paper on the subject:
> http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1967.htm
I love the fact that the "correct and safe" example they give in
"Unnecessary Uses" is neither correct nor safe (it has a potential DOS due
to memory leak).
However I definitely do agree that the Appendix K functions are of marginal
use _at best_... I don't use them or recommend them myself.
More information about the openssl-users
mailing list