[TUHS] buffer overflow (Re: Happy birthday Morris worm

Warner Losh imp at bsdimp.com
Fri Nov 22 06:38:37 AEST 2019


On Thu, Nov 21, 2019 at 1:02 PM Dave Horsfall <dave at horsfall.org> wrote:

> On Tue, 19 Nov 2019, Tony Finch wrote:
>
> > Amusingly POSIX says the C standard takes precedence wrt the details of
> > gets() (and other library functions) and C18 abolished gets(). I'm
> > slightly surprised that the POSIX committee didn't see that coming and
> > include the change in the 2018 edition...
>
> Didn't know that gets() had finally been abolished; it's possibly the most
> unsafe function (OK, macro) on the planet.  I've long been tempted to
> remove gets() and see what breaks...
>

A few things actually broke when FreeBSD removed it. Apart from 'wrappers'
that needed it for various reasons, it was only a few programs in our
'ports' package that needed to be corrected.

Most people have moved on with the 20 years of warnings when it was used...
Sadly only most...

Warner