问题描述
我有一个旧的项目,是混合的C和C ++。它使strcat的,函数strncpy $ C广泛使用C字符串和
的strcpy
,的$ C>,
strncat函数
等我发现了一些缓冲区溢出,我想使用更安全功能,如 strcpy_s
。 MSVC包括那些功能,但我需要的东西,将在各种平台上的工作 - 的Linux,OSX和Windows最少
I have an old project that is mixed C and C++. It makes extensive use of C strings and of strcpy
,strcat
,strncpy
,strncat
etc. I've uncovered a number of buffer overflows, and I'd like to use more secure functions, such as strcpy_s
. MSVC includes those functions, but I need something that will work on various platforms - linux, osx, and windows at the least.
我知道的 strlcpy
,但很多人都注意到(),它真的不是一种进步。
I do know of strlcpy
, but as plenty of people have noted (example), it really isn't an improvement.
所以:是否有 strcpy_s
, strcat_s
的任何自由的实现等,或者整个的?
So: Are there any free implementations of strcpy_s
, strcat_s
, etc, or of the entire TR24731-1
?
我需要的东西,要么公共领域
或 BSD
,但如果你知道在其他许可实现,去前进,列出他们 - 我敢肯定,别人将受益
I need something that's either public domain
or BSD
, but if you know of implementations under other licenses, go ahead and list them - I'm sure someone else will benefit.
推荐答案
在的尝试。这是根据本的实现你要找的功能:
Try with the Safe C library. It's under the MIT license and according to this list implements the functions you're looking for:
安全C库提供了符合ISO / IEC TR24731边界检查内存和字符串函数。
这些功能的替代功能,以现有的标准C库,促进更安全,更安全编程
这篇关于是否有strcpy_s和/或TR24731-1的任何自由的实现?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持!