String Cleanup Results On OpenBSD
Dan writes "OpenBSD's Theo De Raadt provides an update on his team's efforts to remove potential buffer overflows within OpenBSD code by always calculating what the bounds of an operation are. They have been going through the source tree cleaning out all calls to sprintf(), strcpy(), and strcat(). Theo says that they have removed (replaced) approximately 2000 occurrences of these functions." (The same buffer overrun-squashing effort was mentioned earlier this month.)
Look people, I can read this news, and get more comments on it at deadly.org. Let the specialty and community-oriented news sites do their thing. Why couldn't a link have been given to the place that first aired this story? Give credit where credit is due, damnit. What, is your next BSD story going to be the continued DARPA funding? If the news is happening at Deadly.org, have some class, and give them some flow. Take a page out of Dave Winer's book.
Also, by removing down-moderating this post, you are proving my point that you censor what isn't convenient or fits your own purposes. Objectivity is sorely needed here, and the best place to start is by rigorously acknowledging the origins of a story. Be a part of the solution and not the problem, take some criticism once in a while, don't restrict your news items to what is simply in your own best interest!
That is all.
I wonder when Theo can say they have removed ALL occurrences of these functions?
But more importantly, why wasn't it possible to replace the functions in the library with something (if a bit slower) robust?
Are we witnessing the evolution of the New Libc(tm)? Can I patent it?
"Give orange me give eat orange me eat orange give me eat orange give me you." -Nim Chimpsky
A valid question if you don't know the answer; you shouldn't have been moderated as a troll, I think. These "unsafe string functions" sprintf(), strcpy(), and strcat() are only unsafe if they are used incorrectly, which is easy to do. OpenBSD's source has been audited in the past to make sure they are used correctly. Now instead of making sure these calls are used correctly they are ripping them out and replacing them with calls to safer string functions. Interestingly it appears Theo is being successful in getting these changes made upstream in openssl, sendmail, and bind. I believe in the past there were some bind security flaws that didn't affect OpenBSD because they had altered their version of bind. The functions they are using to replace the "unsafe" ones are: snprintf(), which first appeared in 4.4BSD (as in the original Berkeley BSD); asprintf(), which came from the GNU C library and first appeared in OpenBSD in 2.3; and strlcpy() and strlcat(), which were created by OpenBSD in 2.4. The man page for strlcpy() and strlcat() is one of my favorites for the blurb at the end under EXAMPLES:
However, one may question the validity of such optimizations, as they defeat the whole purpose of strlcpy() and strlcat(). As a matter of fact, the first version of this manual page got it wrong.
Also, the packet filter thing wasn't a minor squabble. It had a licence which sounded like a BSD licence but did not expressly permit distribution of modified source, thus making distribution of modified source illegal. It also was supposed to be installed into / by default, default being the only way you could legally distribute it. The author thought he was gonna go ahead and point that out and be an ass about it. Pretty strange for a licence which said "I hate legalese, don't you" in it.
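To show the truncation-detection idiom from the strlcpy(3) EXAMPLES section that the parent comment refers to, here is an added example (not code from OpenBSD or from anyone in this thread). The names my_strlcpy, my_strlcat and build_path are hypothetical; the two string functions are reimplemented here from the documented contract rather than taken from libc, so the example builds on systems whose libc lacks them.

```c
#include <stddef.h>
#include <string.h>

/* Bounded copy with the strlcpy() contract: always NUL-terminates when
 * size > 0, and returns strlen(src) so the caller can detect truncation.
 * Reimplementation from the documented semantics, not OpenBSD's source. */
size_t my_strlcpy(char *dst, const char *src, size_t size)
{
    size_t srclen = strlen(src);
    if (size > 0) {
        size_t n = srclen < size - 1 ? srclen : size - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Bounded append with the strlcat() contract: returns the length it
 * tried to create, i.e. strlen(src) + min(size, strlen(dst)). */
size_t my_strlcat(char *dst, const char *src, size_t size)
{
    size_t dstlen = 0;
    while (dstlen < size && dst[dstlen] != '\0')
        dstlen++;
    if (dstlen == size)              /* dst not terminated within size */
        return size + strlen(src);
    return dstlen + my_strlcpy(dst + dstlen, src, size - dstlen);
}

/* Build "dir/file" into dst. Returns 1 on success, 0 if the result would
 * not fit; dst is always NUL-terminated either way. Each call is checked
 * against the buffer size, which is exactly what strcpy()/strcat() cannot
 * offer and why the man page warns against "optimizing" the checks away. */
int build_path(char *dst, size_t size, const char *dir, const char *file)
{
    if (my_strlcpy(dst, dir, size) >= size)
        return 0;
    if (my_strlcat(dst, "/", size) >= size)
        return 0;
    if (my_strlcat(dst, file, size) >= size)
        return 0;
    return 1;
}
```

A return value of 0 means the caller must treat the path as unusable; the buffer holds a truncated but terminated prefix, never an overrun.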