[Git][NTPsec/ntpsec][master] devel/hacking.adoc: Add strlen() to the banned list.
Gary E. Miller (@garyedmundsmiller)
gitlab at mg.gitlab.com
Fri Apr 11 02:39:35 UTC 2025
Gary E. Miller pushed to branch master at NTPsec / ntpsec
Commits:
06f62ef3 by Gary E. Miller at 2025-04-10T19:37:52-07:00
devel/hacking.adoc: Add strlen() to the banned list.
Codacy does not like it. Avoid needing it, or use strnlen()
instead.
- - - - -
1 changed file:
- devel/hacking.adoc
Changes:
=====================================
devel/hacking.adoc
=====================================
@@ -150,6 +150,7 @@ The following C99/POSIX functions are BANNED. They are unsafe, tending to
cause buffer overruns and (all too often) exploitable security holes:
* strcpy, strncpy, strcat, strncat: Use strlcpy and strlcat instead.
+* strlen(): Avoid the need for it, or use strnlen() instead.
* sprintf, vsprintf: use snprintf and vsnprintf instead.
* In scanf and friends, the %s format without length limit is banned.
* strtok: use strtok_r() or unroll this into the obvious loop.
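Review bot: the added strlen() entry names strnlen() as the replacement but does not say what bound to pass or how to treat a return value equal to that bound. strnlen() with an arbitrary or oversized limit is no safer than strlen(), so wording such as "use strnlen() bounded by the size of the buffer being examined, and treat a result equal to the bound as an unterminated string" would make the rule actionable. As a style point, the entry is written "strlen():" with parentheses, while the neighboring entries ("strcpy, strncpy, strcat, strncat" and "sprintf, vsprintf") list the banned names without them; matching that form would keep the list consistent.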
View it on GitLab: https://gitlab.com/NTPsec/ntpsec/-/commit/06f62ef37e6e4b2d936c8228f62362dd7dc651ee