[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP-specific API



On Thu, 13 Mar 2003, Howard Chu wrote:

> 	char buf[MAXLEN]; int len;
> 	strcat(strcat(strcat(strcpy(buf, "This "),"is "),"a long "),"string.");
> 	len = strlen(buf);
> to produce "This is a long string." and determine its length. Code-beauty
> aside, this is a horrid example that many C programming students have adopted
> as "normal". It executes in exponential time, relative to the lengths of the
> strings involved.

Not to mention the little detail that buffer overrun is the most common
security breach these days...

> I used a function "strcopy" which behaves as I proposed:
> 	len = strcopy(strcopy(strcopy(strcopy(buf, "x"),"y"),"z"),"phooey") - buf;
> My version executes in linear time, and eliminates the second pass through
> the string to calculate the length of the result.

And how does your code address the overrun problem?

[...]

> The rule for the OpenLDAP project is correctness first, performance second.

I'd rather see security ahead of correctness, or is that just me?  Your
code can be both correct and fast, but it's useless to me if it opens up
a potential attack.

-- 
Dave Horsfall  DTM  VK2KFU  daveh@ci.com.au  Ph: +61 2 9906-7866  Fx: 9906-1556
Corinthian Engineering, Level 1, 401 Pacific Hwy, Artarmon, NSW 2064, Australia