Re: fopen_s
- From: "Eugene Gershnik" <gershnik@xxxxxxxxxxx>
- Date: Wed, 28 Jun 2006 18:01:08 -0700
"Carl Daniel [VC++ MVP]" <cpdaniel_remove_this_and_nospam@xxxxxxxxxxxxxxx>
wrote in message news:uKn6cltmGHA.3352@xxxxxxxxxxxxxxxxxxxxxxx
"Eugene Gershnik" <gershnik@xxxxxxxxxxx> wrote in message
news:uoK8rBtmGHA.2372@xxxxxxxxxxxxxxxxxxxxxxx
David Webber wrote:
Maybe fopen_s is not really needed for
security
Well that's exactly what MSDN says. It is supposed to improve error
reporting. However, improving reporting is described as security
enhancement... Probably some marketroid drunk more than usual while
writing this. ;-)
Actually, it follows directly from studies of security vulnerabilities.
Not checking error codes is a major source of security vulnerabilities.
Ok.
Having inconsistent ways of returning error codes is a major source of
error codes not being checked.
I don't think it is true. COM had "everything returns HRESULT" policy since
the beginning and how much COM code does actually check all of them?
The major source of error codes not being checked is that programmers are
not punished for doing it. There is nothing MS can do about it.
--
Eugene
http://www.gershnik.com
.
- References:
- fopen_s
- From: mike7411
- Re: fopen_s
- From: Eugene Gershnik
- Re: fopen_s
- From: David Webber
- Re: fopen_s
- From: Eugene Gershnik
- Re: fopen_s
- From: Carl Daniel [VC++ MVP]
- fopen_s
- Prev by Date: Re: Forwarding DLL
- Next by Date: Re: VS2005 compiler with /clr gets confused with GetJob
- Previous by thread: Re: fopen_s
- Next by thread: Re: fopen_s
- Index(es):
Relevant Pages
|
