Usage of Secure C (memcpy_s, strcpy_s etc) functions on OpenSSL

Paul Smith paul at
Wed Nov 27 15:06:44 UTC 2019

On Tue, 2019-11-26 at 23:47 +0000, Jordan Brown wrote:
> Here's a paper on the subject:  

I love the fact that the "correct and safe" example they give in
"Unnecessary Uses" is neither correct nor safe (it has a potential DOS due
to memory leak).

However I definitely do agree that the Appendix K functions are of marginal
use _at best_... I don't use them or recommend them myself.

More information about the openssl-users mailing list