Log4cxx
  1. Log4cxx
  2. LOGCXX-88

Explore use of security-enhanced CRT methods

    Details

    • Type: Improvement Improvement
    • Status: Resolved
    • Priority: Minor Minor
    • Resolution: Fixed
    • Affects Version/s: 0.10.0
    • Fix Version/s: 0.10.0
    • Component/s: None
    • Labels:
      None

      Description

      Microsoft has proposed a set of security-enhanced versions of the familiar C RTL methods (like strcpy_s for strcpy) that require do buffer length checking etc. It would be desirable if APR and log4cxx could use the security-enhanced versions if present to avoid nasty deprecation warnings with VS.NET 2005 when it is released. The scope of the necessary changes may or may not be substantial and it would be likely to scour APR first.

      The draft proposal is at: http://www.open-std.org/jtc1/sc22/wg14/www/docs/n1031.pdf
      MSDN article at http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dncode/html/secure03102004.asp

        Activity

        No work has yet been logged on this issue.

          People

          • Assignee:
            Curt Arnold
            Reporter:
            Curt Arnold
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development