2007-12-17

When standards go wrong

The POSIX gets() function should not be used in any program, as it is a well-known buffer overflow. But because it is in the POSIX standard, gets() is very difficult to remove from C libraries like glibc, since removing it would break standard conformance. As a result, deprecated and unsafe APIs can stay in standard libraries for a long time.
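What moving off gets() looks like in practice, as an added example that is not part of the original post: a bounded line reader built on fgets() that also detects and discards over-long lines. The name read_line and its return codes are assumptions made for this illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

#define LINE_EOF      (-1L) /* no more input */
#define LINE_TOO_LONG (-2L) /* line exceeded the buffer; remainder discarded */

/* Hypothetical helper: read one line into buf, writing at most `size` bytes.
 * Returns the line length with the newline stripped, LINE_EOF at end of
 * input, or LINE_TOO_LONG (buf then holds the truncated prefix). */
long read_line(FILE *in, char *buf, size_t size)
{
    if (buf == NULL || size == 0)
        return LINE_EOF;
    /* Unlike gets(), fgets() is told how large the destination is. */
    if (fgets(buf, size > INT_MAX ? INT_MAX : (int)size, in) == NULL) {
        buf[0] = '\0';
        return LINE_EOF;
    }
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[--len] = '\0';
        return (long)len;
    }
    /* No newline stored: the line ended exactly at the buffer limit or at
     * end of input, or it is too long. Peek one character to tell. */
    int c = fgetc(in);
    if (c == EOF || c == '\n')
        return (long)len;
    /* Too long: drop the rest so the next call starts on a fresh line. */
    while (c != EOF && c != '\n')
        c = fgetc(in);
    return LINE_TOO_LONG;
}

int main(void)
{
    char line[16]; /* deliberately small to exercise the over-long path */
    long n;
    while ((n = read_line(stdin, line, sizeof line)) != LINE_EOF) {
        if (n == LINE_TOO_LONG)
            fprintf(stderr, "rejected over-long line starting \"%s\"\n", line);
        else
            printf("%ld bytes: %s\n", n, line);
    }
    return 0;
}
```

Rejecting an over-long line outright, rather than silently processing the truncated prefix, keeps the caller from acting on partial input.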
