Re: fopen_s
- From: "David Webber" <dave@xxxxxxxxxxxxxxxxxxx>
- Date: Wed, 28 Jun 2006 13:09:30 +0100
"Eugene Gershnik" <gershnik@xxxxxxxxxxx> wrote in message
news:O$6HiHnmGHA.464@xxxxxxxxxxxxxxxxxxxxxxx
How returning errno helps with error reporting and what this has to do
with security as such is beyond my imagination. Presumably somebody at
Microsoft has trouble understanding and using an API that doesn't
uniformly return error codes in COM manner.
I think we're in danger of taking this too literally in too isolated a case.
The new ...._s APIs which fill buffers (like strcpy_s) do improve security -
IIRC the debug version asserts if you try and overfill the buffer. Maybe
fopen_s is not really needed for security but is just there to complete the
set? (Personally I find the new ones - and all the warnings you get if you
don't use them - a pain.)
Dave
--
David Webber
Author MOZART the music processor for Windows -
http://www.mozart.co.uk
For discussion/support see
http://www.mozart.co.uk/mzusers/mailinglist.htm
.
- Follow-Ups:
- Re: fopen_s
- From: Norman Bullen
- Re: fopen_s
- From: Eugene Gershnik
- Re: fopen_s
- References:
- fopen_s
- From: mike7411
- Re: fopen_s
- From: Eugene Gershnik
- fopen_s
- Prev by Date: Forwarding DLL
- Next by Date: GetUserNameEx() refuses to work for me.
- Previous by thread: Re: fopen_s
- Next by thread: Re: fopen_s
- Index(es):
Relevant Pages
|
