Comments on: Ban programmers, not functions

By: Peter

Peter — Tue, 18 Oct 2011 10:06:37 +0000

@Joe
Seems like ‘len’ could still be too large. Wouldn’t
#define memcpy(dst,src,len) memcpy_s(dst, sizeof(dst), src, len);
be better? Or even something like
#define MEMCPY_ERR do_something_like_compile_error_or_fail_loudly
#define memcpy(dst, src, len) (sizeof( dst )>len ? memcpy(dst, src, len) : MEMCPY_ERR)
Maybe that doesn’t make sense; I’m not a programmer, so…

By: stef13013

stef13013 — Sun, 16 Oct 2011 17:06:35 +0000

I agree, it is pretty useless, but the worst would be that Microsoft forced to used them

By: LaLaLaHeyHey

LaLaLaHeyHey — Sat, 15 Oct 2011 13:51:42 +0000

Even if 5% of programmers that wrote software on windows saw the banned APIs and fixed their code it would be better than 0. I guess your solution is – hire better programmers. Yeah.. um.. thanks for that insight.

Microsoft: “Hello I’m from Microsoft and um we’d like you to replace this amateur programmer Ted from your company for messing up parameters to memcpy.”

Software Vendors: “Fuck off”

By: Joe

Joe — Sat, 15 Oct 2011 01:51:23 +0000

#define memcpy(dst, src, len) memcpy_s(dst, len, src, len)

By: Sturm Mabie

Sturm Mabie — Fri, 14 Oct 2011 23:06:15 +0000

Um, actually strcpy and strcat have been largely replaced by strlcpy and strlcat or equivalents both in all major BSDs and the Linux kernel. Pretty much the only person who thinks strlcpy and strlcat are a bad idea is Ulrich Drepper.

By: Yuhong Bao

Yuhong Bao — Fri, 14 Oct 2011 21:13:22 +0000

I wonder if it says something about MS’s corporate culture, particularly putting process over people.

By: _mind

_mind — Thu, 13 Oct 2011 06:00:51 +0000

> My point here is that banning functions that are the common source of security vulnerabilities doesn’t fix the problem, because the problem isn’t with the functions

You’re simplifying your point too much, and thus making it wrong. memcpy() can indeed be used safely (make sure len is smaller than the destination buffer!), so memcpy_s() is mostly redundant. However, something like gets() is just broken and *cannot* be used properly and therefore should be deprecated. strcpy() falls somewhere in the middle.

By: Microsoft banned function list | >kloctalk

Microsoft banned function list | >kloctalk — Tue, 27 Sep 2011 19:58:46 +0000

[...] the question becomes how useful are these? There is no question that these banned functions are debatable. The complaint that I hear the most is that “n” functions can be used safely so they [...]

By: Bert

Bert — Mon, 26 Sep 2011 10:49:36 +0000

It’s great to read something that’s both enjoyable and prioveds pragmatisdc solutions.

By: kto

kto — Sun, 19 Dec 2010 20:37:42 +0000

Excellent words. I’m slow to this memcpy() ban debate, but I agree with you 100%.

-kto