Would you spend one week changing strcpy to lstrcpyn ?
-
The newest idea from my company is a brute force approach to decrease Dr.Watson reports from our big C++ web application. Then, someone will have to change about 2000 strcpy to lstrcpyn passing a sizeof argument to make sure at least an overrun will not occur anymore. (believe it) Forget about using search and replace bots, it´s not safe. I think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. If I were the choice, it ain't any better idea than look for a new job :( GuimaSun www.nexsun.com.br NEXSUN TechZone
-
The newest idea from my company is a brute force approach to decrease Dr.Watson reports from our big C++ web application. Then, someone will have to change about 2000 strcpy to lstrcpyn passing a sizeof argument to make sure at least an overrun will not occur anymore. (believe it) Forget about using search and replace bots, it´s not safe. I think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. If I were the choice, it ain't any better idea than look for a new job :( GuimaSun www.nexsun.com.br NEXSUN TechZone
If the
strcpys are causing the Dr.Watson reports then they should be fixed. It might not be fun but thats life. Mike -
The newest idea from my company is a brute force approach to decrease Dr.Watson reports from our big C++ web application. Then, someone will have to change about 2000 strcpy to lstrcpyn passing a sizeof argument to make sure at least an overrun will not occur anymore. (believe it) Forget about using search and replace bots, it´s not safe. I think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. If I were the choice, it ain't any better idea than look for a new job :( GuimaSun www.nexsun.com.br NEXSUN TechZone
GuimaSun wrote: think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. The one who put in the unchecked strcpy's deserves better. I hereby award him the unique possibility to debug a cross-process-CoTaskMemAlloc-in-PROPVARIANT-allocation-vanishes-after-calling-server "issue"
we are here to help each other get through this thing, whatever it is Vonnegut jr.
boost your code || Fold With Us! || sighist | doxygen -
The newest idea from my company is a brute force approach to decrease Dr.Watson reports from our big C++ web application. Then, someone will have to change about 2000 strcpy to lstrcpyn passing a sizeof argument to make sure at least an overrun will not occur anymore. (believe it) Forget about using search and replace bots, it´s not safe. I think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. If I were the choice, it ain't any better idea than look for a new job :( GuimaSun www.nexsun.com.br NEXSUN TechZone
It's called experience, 'you' sure as hell won't make that mistake again! But don't do what some people do, i.e. turn off Dr. Watson!
"An expert is a person who has made all the mistakes that can be made in a very narrow field." - Neils Bohr
-
The newest idea from my company is a brute force approach to decrease Dr.Watson reports from our big C++ web application. Then, someone will have to change about 2000 strcpy to lstrcpyn passing a sizeof argument to make sure at least an overrun will not occur anymore. (believe it) Forget about using search and replace bots, it´s not safe. I think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. If I were the choice, it ain't any better idea than look for a new job :( GuimaSun www.nexsun.com.br NEXSUN TechZone
-
The newest idea from my company is a brute force approach to decrease Dr.Watson reports from our big C++ web application. Then, someone will have to change about 2000 strcpy to lstrcpyn passing a sizeof argument to make sure at least an overrun will not occur anymore. (believe it) Forget about using search and replace bots, it´s not safe. I think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. If I were the choice, it ain't any better idea than look for a new job :( GuimaSun www.nexsun.com.br NEXSUN TechZone
I've done worse as a co-op student (intern). Then again, I was just cheap temporary labor. The kindest thing you can do for a stupid person, and for the gene pool, is to let him expire of his own dumb choices. [Roger Wright on stupid people] We're like private member functions [John Theal on R&D] We're figuring out the parent thing as we go though. Kinda like setting up Linux for the first time ya' know... [Nitron]
-
The newest idea from my company is a brute force approach to decrease Dr.Watson reports from our big C++ web application. Then, someone will have to change about 2000 strcpy to lstrcpyn passing a sizeof argument to make sure at least an overrun will not occur anymore. (believe it) Forget about using search and replace bots, it´s not safe. I think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. If I were the choice, it ain't any better idea than look for a new job :( GuimaSun www.nexsun.com.br NEXSUN TechZone
If the code had been written properly to begin with, strcpy wouldn't be giving you headaches. Deal with it and stop whining like a little girl... ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
-
The newest idea from my company is a brute force approach to decrease Dr.Watson reports from our big C++ web application. Then, someone will have to change about 2000 strcpy to lstrcpyn passing a sizeof argument to make sure at least an overrun will not occur anymore. (believe it) Forget about using search and replace bots, it´s not safe. I think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. If I were the choice, it ain't any better idea than look for a new job :( GuimaSun www.nexsun.com.br NEXSUN TechZone
Write your own strcpy and check for bad writes. Todd Smith
-
The newest idea from my company is a brute force approach to decrease Dr.Watson reports from our big C++ web application. Then, someone will have to change about 2000 strcpy to lstrcpyn passing a sizeof argument to make sure at least an overrun will not occur anymore. (believe it) Forget about using search and replace bots, it´s not safe. I think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. If I were the choice, it ain't any better idea than look for a new job :( GuimaSun www.nexsun.com.br NEXSUN TechZone
I'd spend this same week changing strcpy and static char buffers for std::string. :cool: Yes, even I am blogging now!
-
GuimaSun wrote: think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. The one who put in the unchecked strcpy's deserves better. I hereby award him the unique possibility to debug a cross-process-CoTaskMemAlloc-in-PROPVARIANT-allocation-vanishes-after-calling-server "issue"
we are here to help each other get through this thing, whatever it is Vonnegut jr.
boost your code || Fold With Us! || sighist | doxygenand they have to use command line GDB to debug it with! :) ¡El diablo está en mis pantalones! ¡Mire, mire! Real Mentats use only 100% pure, unfooled around with Sapho Juice(tm)! SELECT * FROM User WHERE Clue > 0 0 rows returned
-
I'd spend this same week changing strcpy and static char buffers for std::string. :cool: Yes, even I am blogging now!
I am surprised nobody else pointed this out. He mentions a C++ app - what the hell is he (they) doing *not* using std::string as opposed to strcpy? :doh: ¡El diablo está en mis pantalones! ¡Mire, mire! Real Mentats use only 100% pure, unfooled around with Sapho Juice(tm)! SELECT * FROM User WHERE Clue > 0 0 rows returned
-
GuimaSun wrote: think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. The one who put in the unchecked strcpy's deserves better. I hereby award him the unique possibility to debug a cross-process-CoTaskMemAlloc-in-PROPVARIANT-allocation-vanishes-after-calling-server "issue"
we are here to help each other get through this thing, whatever it is Vonnegut jr.
boost your code || Fold With Us! || sighist | doxygenpeterchen wrote: The one who put in the unchecked strcpy's deserves better. The guy that makes those mistakes will not fix the code, cause just an "experienced programmer" will put the hands on it...he will just write "fresh" code :) GuimaSun www.nexsun.com.br NEXSUN TechZone
-
I'd spend this same week changing strcpy and static char buffers for std::string. :cool: Yes, even I am blogging now!
I love std::string too, but the system was written in pure C (not C++ as I said sorry) and the boss consider C++ slow and unsafe :rolleyes: We could just rename .c to c++ and use extern "c" on WINAPI functions. GuimaSun www.nexsun.com.br NEXSUN TechZone
-
I love std::string too, but the system was written in pure C (not C++ as I said sorry) and the boss consider C++ slow and unsafe :rolleyes: We could just rename .c to c++ and use extern "c" on WINAPI functions. GuimaSun www.nexsun.com.br NEXSUN TechZone
GuimaSun wrote: the boss consider C++ slow and unsafe Ugh... bounds checking or no, you're doomed.
nOTHING lIES sTILL lONG... -
If the code had been written properly to begin with, strcpy wouldn't be giving you headaches. Deal with it and stop whining like a little girl... ------- sig starts "I've heard some drivers saying, 'We're going too fast here...'. If you're not here to race, go the hell home - don't come here and grumble about going too fast. Why don't you tie a kerosene rag around your ankles so the ants won't climb up and eat your candy ass..." - Dale Earnhardt "...the staggering layers of obscenity in your statement make it a work of art on so many levels." - Jason Jystad, 10/26/2001
You beat me to it. :) -- Weiter, weiter, ins verderben. Wir müssen leben bis wir sterben.
-
The newest idea from my company is a brute force approach to decrease Dr.Watson reports from our big C++ web application. Then, someone will have to change about 2000 strcpy to lstrcpyn passing a sizeof argument to make sure at least an overrun will not occur anymore. (believe it) Forget about using search and replace bots, it´s not safe. I think it could be made wasting 1 week of a BORED programmer and he would get a Tendinitis or something alike. If I were the choice, it ain't any better idea than look for a new job :( GuimaSun www.nexsun.com.br NEXSUN TechZone
Ehm.. if you're getting Dr. Watson reports, don't you think the error lies elsewhere than in strcpy()? :~ -- Weiter, weiter, ins verderben. Wir müssen leben bis wir sterben.
-
I love std::string too, but the system was written in pure C (not C++ as I said sorry) and the boss consider C++ slow and unsafe :rolleyes: We could just rename .c to c++ and use extern "c" on WINAPI functions. GuimaSun www.nexsun.com.br NEXSUN TechZone
GuimaSun wrote: the boss consider C++ slow and unsafe Oh god. Wonder what he thinks of C#? It sounds like you job isn't gaining you marketable experience anyhow - get the hell out!!! Dale Thompson
-
Ehm.. if you're getting Dr. Watson reports, don't you think the error lies elsewhere than in strcpy()? :~ -- Weiter, weiter, ins verderben. Wir müssen leben bis wir sterben.
When it happens, we get the asm/hex log, which points to the fault address. 90% of them are related to strcpy...hard truth :sigh: GuimaSun www.nexsun.com.br NEXSUN TechZone
-
When it happens, we get the asm/hex log, which points to the fault address. 90% of them are related to strcpy...hard truth :sigh: GuimaSun www.nexsun.com.br NEXSUN TechZone
Yeah, but strcpy() isn't called by itself, is it? :) -- Weiter, weiter, ins verderben. Wir müssen leben bis wir sterben.
-
Yeah, but strcpy() isn't called by itself, is it? :) -- Weiter, weiter, ins verderben. Wir müssen leben bis wir sterben.
Maybe the implementation they use is recursive :eek:
My programming blahblahblah blog. If you ever find anything useful here, please let me know to remove it.