[prev in list] [next in list] [prev in thread] [next in thread]
List: openbsd-tech
Subject: On the matter of strlcpy/strlcat acceptance by industry
From: deraadt () cvs ! openbsd ! org
Date: 2013-12-18 4:01:16
Message-ID: 201312180401.rBI41GET031793 () cvs ! openbsd ! org
[Download RAW message or body]
From time to time, there are people who say that strlcpy and strlcat
are stupid.
This is a little frustrating because we just want developers to have
an easier time writing/auditing string code to avoid overflows and
truncations, especially considering so many standard C APIs require
fixed length strings or have other limits, and will in the forceable
future.
You probably all know about the mainstream users of these functions,
like the Linux kernel, or MacOS, or the other BSD's, and Solaris. But
there are many, many more, and it is time to show the global
strlcpy'ing deniers the reality.
I've collected some statistics to see how much upstream software use
these functions.
I asked Stuart Henderson to collect a "recursive nm .o" for every
piece of software built in our ports tree. It's roughly 2GB of
text output.
For those who don't know, that ports tree is basically a repository of
all the application software we supply as an add-on on top of the base
operating system. Each of those becomes a package, so that is what we
are looking at. They are pretty much the bulk of the commonly-used
Unix applications found on all systems.
These packages do not generally include things like openssh, perl, or
X11, sqlite, or a number of other small things directly integrated
into the OpenBSD base. But that's OK, because those I just mentioned
do use strlcpy and strlcat in their upstream repositories.
So 3535 packages contain .o files, and now we can grep to see what
they define or use.
In essence, a piece of software will likely fall into one of these
catagories:
(0) Not use the functions at all.
(1) Will assume that the system has the functions in libc.
(2) Will have a configure-style "feature-test" which tests if libc
contains the functions, and thus turn on a cpp symbol such as
HAS_STRLCPY, then use the libc version. Otherwise it will
avoid using them...
(3) More commonly, if the feature-test fails, it will substitute
copies from its own tree. Essentially to cope with glibc.
(4) Some software contain their own version, typically copied
from us, but renamed. There are many of these.
Let's look at these cases backwards, for reasons that become obvious
as we move ahead.
(4) Who is defining their own versions of the functions, with slightly
different names? The obvious names we find are:
SDL_strlcpy SDL_utf8strlcpy _iodbcdm_strlcpy
_strlcpy ascii_safe_strlcpy av_strlcpy
cli_strlcpy dt_utf8_strlcpy fc_strlcpy
fl_strlcpy flac__strlcpy fz_strlcpy
g_strlcpy hd_strlcpy isc_string_strlcpy
lg_strlcpy llvm_strlcpy loud_strlcpy
mcs_strlcpy mg_strlcpy monoeg_g_strlcpy
mowgli_strlcpy my_strlcpy mystrlcpy
os_strlcpy pa_strlcpy rb_strlcpy
sg_strlcpy sl_strlcpy sm_strlcpy
test_evutil_strlcpy test_strlcpy tr_strlcpy
ut_strlcpy utf8_strlcpy uv_strlcpy
vi_strlcpy xstrlcpy zbx_strlcpy
SDL_strlcat SDL_strlcpy _iodbcdm_strlcat
av_strlcat fc_strlcat fl_strlcat
flac__strlcat fz_strlcat g_strlcat
hd_strlcat isc_string_strlcat ixp_strlcat
mcs_strlcat mowgli_strlcat mystrlcat
rb_strlcat sg_strlcat sl_strlcat
sm_strlcat ssh_strlcat uv_strlcat
vi_strlcat wmii_strlcat xstrlcat
zbx_strlcat
Replacement copies seem to be quite popular. Some of the names
hint at who is doing this, but we can search by these functions to
see which packages are defining them:
bogofilter bro clamav cntlm cups-filters darktable dkim-milter
ffmpeg flac fltk freeciv fte glib2 gtk-gnutella htmldoc iodbc
ircd-ratbox isc-bind isc-dhcp ksh93 leafnode libixp libstatgrab
link-grammar linkchecker llvm mathomatic mcs mono mowgli mupdf
mysql node pmacct postgresql pulseaudio rlwrap samhain sdl2
tcpreplay transmission visitors wmii wpa_supplicant xfe xpilot
zabbix
So 73 (2% or 3535) of packages define either of these for themselves
under a new name. This may seem like a small list, but look it
contains monsters like glib2, postgresql, and mysql. In particular,
those monster contain libraries.. this will become more obvious a
bit further on.
(3) What about software which substitutes their own, when they don't
find ours? This is harder to determine in the OpenBSD ports tree
because our libc functions will always be found. However, we can
see if any ports sloppily compile their own versions, even though
we have it...
databases/pgpool: T strlcpy
devel/p5-File-RsyncP: T strlcpy
devel/py-setproctitle: T strlcpy
editors/fte: T strlcpy
games/oolite: T strlcpy
games/stone-soup: T strlcpy
games/xpilot: T strlcpy
mail/akpop3d: T strlcpy
net/bro: T strlcpy
net/tcpreplay: T strlcpy
shells/ksh93: T strlcpy
www/cntlm: T strlcpy
www/linkchecker: T strlcpy
x11/xfe: T strlcpy
editors/fte: T strlcat
games/xpilot: T strlcat
net/bro: T strlcat
net/pmacct: T strlcat
net/tcpreplay: T strlcat
shells/ksh93: T strlcat
www/cntlm: T strlcat
www/linkchecker: T strlcat
x11/xfe: T strlcat
This was rather unexpected. These software teams have decided to
simply use the same name, for (hopefully) the same functionality.
(2) Regarding the question of code which uses a feature test to find if
the functions exist, and having not found them, then avoids them?
We cannot test using the "symbol table" method. A test would need
to be run on a system without the functions in libc. That test
cannot be run on a BSD, MacOS, or Solaris...
(1) The question of which ports use the functions in libc should really
be split into two questions. How many use our functions
(strlcpy and strlcat)? How many use the renamed functions
(for instance, g_strlcpy from glib, isc_string_strlcpy, etc).
The following 254 (7% of 3535) of packages use our strlcpy:
GraphicsMagick Wnn adsuck aircrack-ng akpop3d anacron angst apcd argus
arp-scan asclock assl aucatctl autogen avahi bitlbee bogofilter bro
bwm-ng canna ccid cdrtools cfengine cfs cgit cgo clamsmtp clearsilver
cntlm cnupm colorls conserver crawl cue cups cyphertite cyrus-imapd
cyrus-sasl2 darkstat dcmtk dictd diskrescue dnscrypt-proxy dnsfilter
dsniff dsocks dspam dtach dvdbackup ekg eltclsh epic4 ettercap exiv2
ezstream fdm femail fetchmail fldigi flowd fltk foomatic-filters
fragroute freeciv freetds fsstress fte ftpsesame g77 garmin-utils
gettext git glib2 gnats gophernicus gpioflicker gpsd grace gxemul hoc
honeyd hotplug-diskmount hping i3status icbirc igmpproxy ikeman iogen
ipfm ipguard ircd-hybrid ircd-ratbox irssi-silc isc-bind isc-dhcp jack
jasper jpeg junkbuster kc kicad kinput2 kismet kissd ksh93 kst ladvd
ldapvacation leafnode libclog libdnet libevent2 libeventextra
libexecinfo libiconv libmagic libtar libworkman lldpd logfmon
login_oath mc mcrypt metamail milter-checkrcpt milter-regex
milter-spamd mod_auth_bsd mod_auth_mysql mono mpage natpmpd nemesis
netatalk netbsd-iscsi-target netfwd ngircd nmap nostromo nsh nsping
nvi nylon onioncat oolite openmdns openpam opensc openvpn-auth-ldap
openvpn_bsdauth p5-File-RsyncP p5-IO-Tty p5-Image-EXIF
p5-Proc-ProcessTable parse pbrowser pcc pcsc-lite pdnsd perdition
pfstat pftop pg_statsinfo pgbouncer pgpool phoon pktstat pmacct
pop3gwd poptop postgresql postgresql-plv8 pptp privoxy procmail pwsafe
py-openbsd py-setproctitle quagga radiusd-lucent relaydb rlwrap rsync
rtunes rzip samba sc scanssh sdl sdl2 shmux smsmail smtp-benchmark
smtp-vilter smtpclient snort softflowd spatial spectrwm
ssh-ldap-helper stegdetect stone-soup sudognu sudoku-solver symon
tabled tcpreplay tcpslice teknap tiff tinyproxy tkrat toprump tor
torture totd transcode transmission tray-app trickle uim umurmur
unworkable vlc vomit vpnc warzone2100 webalizer wide-dhcpv6 winexe wm2
wmcalc wmcalclock wmgrabimage wmifinfo wminfo wmmoonclock wmmp3
wmphoto wmpop3 wmspaceweather wmtimer wmtune wmwlmon xboing xfe
xine-ui xmms xombrero xorp xpilot xwrits xxdiff zoo
The following 158 (4% of 3535) of packages use our strlcat:
GraphicsMagick Wnn anacron angst argus-clients arp-scan arpd asclock
assl bogofilter bro cfengine clamsmtp clearsilver cntlm cnupm crawl
cue cups cyphertite cyrus-imapd cyrus-sasl2 darkstat dcmtk dfc dsniff
dspam ekg eltclsh epic4 ettercap ezstream fdm fetchmail flowd fltk
foomatic-filters fragroute freeciv fsstress fte ftpsesame g77 gettext
glib2 gnats gophernicus gpsd grace gxemul honeyd hotplug-diskmount
hping ikeman ircd-hybrid ircd-ratbox isc-bind isc-dhcp jasper jpeg
junkbuster kc kinput2 kst ldapvacation libbgpdump libdnet libiconv
libmagic libworkman libxmlsd linkchecker logfmon mc milter-greylist
milter-regex milter-spamd mpage mt-daapd nbfc nemesis netatalk netcdf
netfwd ngircd nostromo nsh nylon onioncat openmdns openpam opensc
p5-Devel-NYTProf p5-Image-EXIF p5-Proc-ProcessTable parse pbrowser pcc
pcsc-lite pfe pg_statsinfo pg_top phoon pop3gwd postgresql privoxy
procmail psdim pwsafe quagga radiusd-lucent relaydb rlwrap rsync
rtunes rzip samba sc scanssh scrot sdl2 smsmail smtp-benchmark
smtp-vilter snort softflowd spectrwm ssh-ldap-helper stegdetect
sudognu symon tabled tcpreplay teknap tkrat toprump tor totd transcode
tray-app tree trickle uim unworkable vomit vpnc warzone2100
wide-dhcpv6 winexe wm2 wmcalc wminfo wmmp3 wmtune xine-ui xombrero
xpilot xwrits
The following 326 (9% of 3535) packages use another library's
private *strlcpy function:
GraphicsMagick Wnn adsuck aircrack-ng akpop3d anacron angst apcd
apcupsd argus arp-scan asclock assl aucatctl audacious
audacious-plugins autogen avahi bitlbee bogofilter bro bwm-ng canna
ccid cdrtools cfengine cfs cgit cgo chromium clamav clamsmtp
claws-mail clearsilver cntlm cnupm colorls conserver crack-attack
crawl cue cups cups-pk-helper cyphertite cyrus-imapd cyrus-sasl2
darkstat darktable dcmtk dictd diskrescue dkim-milter dnscrypt-proxy
dnsfilter dsniff dsocks dspam dtach dvdbackup dvdstyler eboard ekg
eltclsh emelfm2 epic4 ettercap evolution evolution-data-server exiv2
ezstream fdm femail fetchmail ffmpeg flac fldigi flowd fltk
foomatic-filters fragroute freeciv freetds fsstress fte ftpsesame g77
garmin-utils gcompris geany gecko-mediaplayer gentoo gettext gigolo
git glib2 gmfsk gnats gnome-mplayer gnumeric gophernicus gpioflicker
gpsd grace gtk-gnutella gxemul hoc honeyd hotplug-diskmount hping
htmldoc i3status icbirc igmpproxy ikeman inkscape iodbc iogen ipfm
ipguard ircd-hybrid ircd-ratbox irssi-silc isc-bind isc-dhcp jack
jasper jnettop jpeg jpilot junkbuster kanatest kc kicad kinput2 kismet
kissd ksh93 kst ladvd ldapvacation leafnode libclog libdnet libevent2
libeventextra libexecinfo libgtop2 libiconv liblqr libmagic libnice
libsexy libstatgrab libtar libvirt-glib libworkman link-grammar lldpd
llvm logfmon login_oath logjam mathomatic mc mcrypt mcs metamail
milter-checkrcpt milter-regex milter-spamd mod_auth_bsd mod_auth_mysql
mono mowgli mpage mpd mplayer mupdf mysql natpmpd ncmpc nemesis
netatalk netbsd-iscsi-target netfwd ngircd nmap node nostromo nsh
nsping nvi nylon onioncat oolite openmdns openpam opensc
openvpn-auth-ldap openvpn_bsdauth osmo p5-File-RsyncP p5-IO-Tty
p5-Image-EXIF p5-Proc-ProcessTable pan parcellite parse pbrowser pcc
pcsc-lite pdnsd perdition pfstat pftop pg_statsinfo pgbouncer pgpool
phoon pidgin pktstat pmacct pop3gwd poptop postgresql postgresql-plv8
pptp privoxy procmail pulseaudio pwsafe py-openbsd py-setproctitle
qemu quagga radiusd-lucent rawstudio relaydb remmina rhythmbox rlwrap
rsync rtunes rzip samba samhain sc scanssh scmpc sdl sdl2 sdl2-ttf
shmux smsmail smtp-benchmark smtp-vilter smtpclient snort softflowd
spatial spectrwm ssh-ldap-helper stegdetect stone-soup streamripper
sudognu sudoku-solver symon syslog-ng tabled tcpreplay tcpslice teknap
tiff tinyproxy tkrat toprump tor torture totd transcode transmission
tray-app trickle ufraw uim umurmur unworkable viking vlc vomit vpnc
warzone2100 webalizer wide-dhcpv6 winexe wm2 wmcalc wmcalclock
wmgrabimage wmifinfo wminfo wmmoonclock wmmp3 wmphoto wmpop3
wmspaceweather wmtimer wmtune wmwlmon wpa_supplicant xboing xfe
xine-ui xmms xmms2 xnp2 xombrero xorp xournal xpilot xwrits xxdiff
yabause zabbix zoo
The following 35 (1% of 3535) packages use another library's private
*strlcat function:
bitlbee chromium darktable dkim-milter eboard ffmpeg flac freeciv
gcompris gecko-mediaplayer gmtk gnome-mplayer gtk-gnutella gtkpod
htmldoc inkscape iodbc ircd-ratbox jnettop libstatgrab mcs mplayer
mupdf ncmpc osmo pidgin qemu rlwrap samhain scmpc ufraw uim wmii xmms2
zabbix
(0) Finally, we should answer the question about who is not using these
functions or variants. Let us keep the answer really simple.
The following 1808 (51% of 3535) packages use strcpy:
9libs BasiliskII DevIL GeoIP GraphicsMagick ImageMagick ORBit2 R STk
TclXML Wnn Xaw3d XawMu Xdialog a2ps abclock abiword abook abs abuse
acpica adns aescrypt afterstep agg agm agrep aide ald allegro alpine
altermime amanda amap amarok amide amiwm amph amsn amtterm amule
anacron analog angband angband angband animorph anthy antiword
ap-utils ap2-mod_fastcgi ap2-mod_jk apache-httpd apr apr-util apr-util
aqbanking aqsis aqualung arc ardour arena argus-clients argyll
arpcatch arpwatch asapm ascd asclock asfiles asmail asp2php asp2php
astime astmanproxy astrolog asymptote atomicparsley aubio audacious
audacious-plugins audacity augeas autogen autopano-sift-c avenger
avenger avinfo avrdude axe axel babl bacula bacula bacula balance
barcode bash beav beaver beret bfbtester bible-kjv bibview bird bird
birda bison bitlbee bitlbee bitlbee bitlbee bladeenc blender blobby
blockrage bluefish bochs bochs boehm-gc bogofilter bomberclone
bonnie++ boost boswars bouml bounix bozohttpd bricons brltty bro
bsd-airtools bulk_mailer bvi bzflag bzip2 c2t c3270 cabextract cadaver
cairo cal3d calc calcoo calibre canna capitan-sevilla catdoc catdoc
ccextractor ccrypt ccze cdk cdparanoia cdrdao cdrdao cdrtools celestia
centerim cfdg cfengine cfitsio cflow cfs cftp cgal cgdb cgiparse cgit
cgoban chbg check chicken chipmunk chmlib chntpw chocolate-doom choria
chroma chromium chromium chromium-bsu clamav clamsmtp clamz classpath
claws-mail claws-mail clearsilver clementine cless clex climm clisp
clive clonekeen clucene clusterit clusterit cmake cmu-sphinx3
cmu-sphinxbase cntlm codeblocks codeworker coldfire colortail
commoncpp compface conky conky conky conky conky connect4 cook
cooledit cooledit coreutils corewars courier-authlib courier-imap
cqcam crack-attack cracklib crimson cronolog crossfire-client crxvt
cryptcat cscope ctm ctunnel ctwm cucipop cunit cups-filters curl
cutils cvechecker cvsgraph cvsps cvstrac cyrus-imapd cyrus-imapd
cyrus-sasl2 cyrus-sasl2 cyrus-sasl2 cyrus-sasl2 cyrus-sasl2 daapd
dangerdeep dansguardian dante darktable dash dbh dbus dbus-tcl dclock
dcmtk dcraw ddd deadbeef deco desmume detex detox dgen-sdl dgen-sdl
dia dialog dictd diction diffstat digikam digitemp dillo discount
djview4 djvulibre dmenu dnscrypt-proxy dnsmasq dnstracer doc++
docbook-to-man docbook2x dopewars dopewars dos2unix dosbox dotconf
doxygen doxygen dpic drac drawterm drgeo driftnet droplet dsniff
dsniff dspam dspam dspam dspam dtcltiny dumb dumpmpeg dungeon-crawl
dvd+rw-tools dvdauthor dvdbackup dvi2tty dwm dxpc dynamips dysnomia
e16keyedit e2fsprogs easytag eboard ebook-tools echoping ecl ecm
ectags eduke32 ee efax egoboo elinks elvis elvis emacs emacs emacs
emacs21 emacs21 emboss emiclock enblend-enfuse enca enchant enigma
enjoympeg enlightenment enscript epic4 epte eruby es esound espeak
eterm eterm etherape ettercap ettercap evilwm evince evolution
evolution-data-server exim exim exim exim exim exiv2 expect
extremetuxracer ez-ipupdate f1spirit faac faad faces falconseye
fastjar fbpanel fceux fcgi fcrackzip feh fetchmail ffmpeg
ffmpeg2theora ffproxy fftw fftw3 fftw3 figlet filezilla findutils
flash fldigi fleditor flex flickcurl flipit flite flow-tools fltk
fluidsynth fluxbox fluxter flvstreamer flwm fmirror fobbit foma
fontforge foo2zjs foobillard foomatic-filters fox fping fragroute
fragrouter freealut freeciv freedroid freedroidrpg freedt freehdl
freeimage freeipmi freemat freerdp freetds freeze fribidi frodo
frogatto frotz fs-uae fsv fte fuse fvwm2 fvwm95 fxtv g77 gaia
galculator gambatte gamgi gargoyle garmindev gawk gbdfed gcal gcompris
gconf2 gcpio gd gdal gdb gdbm gdiff gdk-pixbuf2 geany geda-gaf gegl
gentoo geomview geotiff gerbv gettext gforth gfortran ggrep ghc
ghostview giblib gif2png gifsicle gimgtools gimmix gindent git glew
glib glib2 glimpse glpk glsfcave gmake gmime gmp gmpc-plugins gmt
gmudix gnats gnokii gnomad2 gnome-mplayer gnucap gnucash gnuchess
gnugetopt gnugo gnumeric gnupg gnupg gnupg2 gnuplot gnuplot gnushogi
gnutls goaccess gobject-introspection goffice goffice08 gogo golem
golly gone gopher gpa gpatch gpgme gphoto2 gpicview gprolog gpsbabel
gpsk31 gpstk gq grace graphviz grcs grip groff groff gsed
gshar+gunshar gsm gtar gtar gtk+ gtk+2 gtk+3 gtk-gnutella gtkhotkey
gtkhtml3 gtkhtml4 gtklp gtkpod gtksourceview gtkwave gtypist guile
guilib gummi gutenprint gv gwaei gwenhywfar ha hamlib hanterm-xf
haserl haserl haserl haserl heroes hex-a-hop hexedit hfsplus hiawatha
hlfl hnb ht ht htmldoc hugin hugs hunspell hydra hydrogen hylafax
hylafax hyperestraier hypermail hypermail i3 i3status iaxclient
iaxmodem ibus icb icecast ices2 icewm icu4c id-utils id3ed id3lib
idled iec16022 iftop ike-scan imake imapproxy imlib imlib2 inadyn
iniparser inkscape integrit intel2gas io iodbc ion iozone ipaudit
iperf ipmitool ipv6calc irc ircII ircd-hybrid ircd-ratbox irrlamb
irrlicht irssi irssi irssi-silc isc-bind isc-dhcp isearch ish
isomaster ispell itcl itk its4 ivan iverilog jabberd jabberd jack
jailkit jam jamvm jed jed jesred jftpgw jhead jikes jlint jnettop joe
john jove jpilot jvim jvim jvim jvim jwm k3b kaffeine kakasi kanjips
kasumi keepassx kermit kicad kimdaba kinput2 kinput2 kinput2 kismet
klavaro klogic knutclient kobodeluxe kobodeluxe komi krusader ksh93
ksmp3play kst kterm kterm ktorrent l0phtcrack ladspa lam lame larbin
larswm lasem late lbdb lbreakout2 lcdproc lcms lcms2 ldapvi leafnode
ledger lensfun leptonica less lftp lgeneral lgrind lha libIDL libJudy
libXp libaacs libarchive libassuan libast libaudiofile libbgpdump
libbind libbluray libcaca libcares libcddb libcdio libchewing
libconfig libconfuse libdbi-drivers libdnet libee libetpan libexif
libf2c libfm libfmt libfprint libgadu libgcrypt libgdata libgphoto2
libgpod libgsasl libhangul libical libiconv libid3tag libident libidn
libircclient libkdcraw libksba liblo liblouis libmcrypt libmemcached
libmikmod libmodplug libmp4v2 libmpc libmpd libmspack libmtp
libmusicbrainz libmusicbrainz5 libnids libnipper libnjb libnxml
liboauth libofa libofx libosip2 libotr libpano13 libpaper libplist
libproplist libpst libpwquality libqalculate libquicktime libraw
librelp librep libretto-config libshout libsidplay libslang libsmi
libsoup libspectre libspf2 libssh libst libstatgrab libtabe libtar
libtasn1 libtextcat libtool libunicode libunistring libupnp libvirt
libvorbis libwmf libworkman libxdg-basedir libxml libzip lifelines
liferea lighttpd lighttpd lighttpd lighttpd lincity lincity-ng
link-grammar links links+ links+ livemedia lives lldpd lmms log4c
logjam logpp logsurfer lostpixels loudmouth lout love lrzsz lsof lsys
lua-lgi lua-lgi luafs luafs luajit luarexlib luasocket luasocket luna
lxnb lz4 lzo lzo2 lzop m4 mac macutil maelstrom magicpoint maildrop
mailman mailman mairix man2web manaplus mandelbulber mathomatic mawk
mboxgrep mc mcabber mcrypt mcsim mecab mediatomb mednafen menu-cache
metamail mgetty+sendfax mhash mico microblog-purple micropolis mikmod
milkytracker milter-greylist mimedefang mimepp ming mini_sendmail
minicom minidlna mirrormagic mixer.app mixmaster mjpegtools mjpegtools
mk mlmmj mlterm mod_auth_ldap mod_auth_pgsql mod_fastcgi mod_jk
mod_mp3 mod_mp3 mod_security modlogan mono monotone moon-buggy moria
most movemail mowitz mozplugger mp3blaster mp3encode mp3gain mp3info
mp3info mpack mpc mpeg_encode mpeg_play mpegaudio mpfr mpg123 mpg321
mpgtx mplayer mrtd mrtg mrxvt mscore mshell msmtp mt-daapd mterm
mtools mtr mtr mudix multimux multitail mupdf musepack mutella mxconns
mxml mysql naken430asm nam namazu nano nap nasm nbaudit nbtscan ncdu
ncftp neXtaw nedit neon nepenthes nepim nestopia netatalk
netbsd-iscsi-target netcdf nethack nethack nethack netpbm netperf
netpipe netris neverball newsfetch ngspice nmap nmh nmh nn node
node-bcrypt node-gir node-pg normalize nosefart nqp ns nslint nslint
nspr nss ntfs-3g ntl ntop ntp nulib nutdb nvi-m17n nvi-m17n nyancat
oath-toolkit obc obexftp ocaml ocaml-mlgmp ocaml-net ocaml-net ocsync
octave ode oggz ogle ogle_gui ogmrip ogmtools ogre olsrd omake omega
onew onew onew oo2c oolite opal open-cobol openarena openbabel opencdk
opencm openconnect opencv openexr openfst openimageio openjp2 openjpeg
openldap openldap openldap23 openmotif openmpi openmsx opennap
openobex openocd openpoppassd opensc openscenegraph opensonic opensp
openvmps openvpn openvpn-auth-ldap ophcrack optipng orc oroborus ortp
osm-gps-map osm2go osmo osrtspproxy otcl otf2bdf owamp
p5-CGI-SpeedyCGI p5-Cairo p5-Convert-Binary-C p5-Convert-UUlib
p5-DBD-Pg p5-DBD-SQLite2 p5-DBD-Sybase p5-DBI p5-Data-Dump-Streamer
p5-File-MMagic-XS p5-File-RsyncP p5-HTML-Embperl p5-Image-EXIF
p5-Imager p5-Locale-Hebrew p5-Math-Pari p5-Net-RawIP p5-Net-TCLink
p5-Net_SSLeay p5-PadWalker p5-Quota p5-Term-ReadLine-Gnu
p5-Text-Aspell p5-Text-Tmpl p5-Tk p5-Tk-TableMatrix p5-Wx
p5-XML-LibXML p5-XML-SAX-ExpatXS p5-libapreq p5-libapreq2 p5-sybperl
pan pango pangox-compat par par1cmdline par2cmdline parcellite pari
parrot parse patchutils pavuk pavuk pcb pccts pcre pcsc-lite pcsxr
pdflib pdmenu pen perdition pfe pg_statsinfo pg_top pgadmin3 pgp pgp5
pgpool pgpsendmail pgtcl physfs pidgin pidgin pidgin-sipe pidgin-tlen
piewm pilot-link pinentry pinfo pingus pioneers pjsua plan plib plor
plplot pmacct pms pngcrush poedit polipo popclient poppassd poppler
poppler popt poptop pork postgis postgresql postgresql-odbc potrace
pound povray powerdns prboom prboom-plus prepop procmail proj prosody
protobuf-c proxy-suite psi pstoedit psutils ptlib pulseaudio pure-ftpd
pure-ftpd pure-ftpd pure-ftpd pure-ftpd pure-ftpd pure-ftpd pure-ftpd
putty puzzles pwgen pwm py-Imaging py-M2Crypto py-Pillow py-apsw
py-apsw py-cjkcodecs py-cryptkit py-gtk2 py-libpcap py-mxDateTime
py-numpy py-openssl py-pgsql py-proj py-psycopg2 py-quixote py-scipy
py-sip py-sqlite2 py-sybase py-vorbis py-wxPython pysvn pyusb qca2
qcad qemu qgis qhull qiv qlandkarte qlandkartegt qpage qscintilla
qstat qt-creator qt3 quagga quake2 qucs queryperf queso quesoglc quirc
qvwm racket radiusd-cistron radmind ragel raptor rarian ratpoison
rawstudio rawtherapee rc rc rc rdesktop readline recode redis redland
remake remind remmina rep-gtk repmgr retawq rftg ri-li rlwrap
roadfighter rocksndiamonds rocrail rox-filer roxterm rpl rplay rpm
rrdtool rsyslog rtmpdump rtty rubinius ruby-capybara-webkit
ruby-capybara-webkit ruby-eventmachine ruby-eventmachine
ruby-eventmachine ruby-ldap ruby-ldap ruby-ldap ruby-passenger
ruby-passenger ruby-rb-gsl ruby-rdiscount ruby-rdiscount
ruby-rdiscount ruby-rmagick ruby-rmagick ruby-rmagick
ruby-swift-db-mysql ruby-swift-db-mysql ruby-vorbis_comment
ruby-vorbis_comment ruby-vorbis_comment rxp rxvt rxvt-unicode s10sh
sablotron sam samdump2 samhain samhain samhain sane-backends sarg sarg
sash sattrack sawfish sbcl sc scheme48 schismtracker scim scim-fcitx
scintilla scite scm scm scmxx scorched3d screen screen scsh scummvm
scummvm-tools sdd sdl-mixer sdl-sound sdl2 sdl2-mixer sdlmame sdlmess
sdlroids sdlzombies se seed7 setquota seyon sfio sgmlformat shapelib
sharity-light shash shash shell-fm shntool shorten shunt si siag
sidplay siege silc-client silc-server silc-server silc-toolkit sim
simgear simulavr sipcalc siproxd sipsak sisctrl sketch slash slash
slash-em slash-em sliderule slim slrn smstools snes9x snipe2d snort
snownews socat sofia-sip solid-pop3d solid-pop3d sope soundtracker
source-highlight sox spacezero spandsp spawn-fcgi spectemu spectrum
speech-dispatcher speeddreams sphinx sphinx spice spice-gtk spider
spidermonkey spidermonkey spiff spim spiped splint splitvt splix
sqlite sqlitebrowser sqsh squidclamav srcpd sshfs-fuse sshguard
sshguard ssldump sslh ssvnc star star startup-notification stegdetect
steghide stella stepmania sthttpd stone-soup stone-soup streamripper
strigi strobe stunnel stuntman subrip subtitleripper subversion
sunbird sunclock supercat supertux supertuxkart swfmill swftools
swi-prolog swig swish-e sxiv sylpheed sympa synaesthesia synergy
syslog-ng t1lib tacacs+ taglib tagtool tapclean tarsnap tclcl tclcurl
tclthread tcltls tcludp tcpcat tcplist tcpreplay tcpstat tcptraceroute
tcsh tdl teapop ted teeworlds teknap tellico tesseract testdisk
texmaker texworks tgif thcrut the_silver_searcher tidyp tiff2png tilda
timidity tin tintin++ tinycdb tinyfugue tinyscheme tircproxy tkdnd
tkhtml tkimg tkrat tktable tktreectrl tla tlf tn5250 tnef toolame
toppler tornado torsocks totd tpb tracker traditional-vi trafd
trafshow trans transfig transmission tre treewm tremor tremor-tools
trn tuxkart tuxpaint tvtwm tweak u9fs uae ucblogo ucpp ucspi-unix
udunits uemacs ufraw uim unarj uncrustify unicon uniutils unrar
unshield unzip uptimed uqm usbutils ushare uucp uwm vala varnish vbam
vcdimager verbiste viewfax vifm viking vim vim vim vim vim vim
virt-viewer virtuoso vislcg3 vitetris viz vlc vncsnapshot vorbis-tools
vorbisgain vrfy vtags vteplugin vttest w3m w3m w3m w3m waimea wanderer
warzone2100 wavpack wbox wdiff webalizer webkit webkit weechat weex
wesnoth wesnoth wget wide-dhcp widelands wily windowlab windowmaker
winexe wizznic wmbiff wmclockmon wmcube wmglobe wmifinfo wmii wminfo
wmitime wml wmmail wmmenu wmmenu wmminichess wmmixer wmmp wmmp3
wmmultipop3 wmnet wmpinboard wmthemeinstall wmtime wmtz wmx wordnet
wterm wv wv2 www6to4 wwwcount wwwoffle wxWidgets wy60 x11vnc x264 x2x
x3270 x48 xanim xaniroc xantfarm xaos xapian-omega xarchiver xastir
xawtv xbae xbat xbattle xbill xbl xblast xbmbrowser xboard xboing
xbomber xbreaky xbubble xcalib xcdroast xcept xchat xcircuit xclip xco
xcolors xcopilot xcowsay xcubes xcursorgen xd xdaliclock xdeblock
xdg-user-dirs xdino xdmchoose xdms xdotool xdrawchem xdtm xdu xearth
xengine xephem xerces-c xevil xfaces xfe xfed xfig xfishtank xfm
xforms xgalaga-sdl xgas xgrab xhomer xine-lib xine-ui xinvest xjewel
xjig xjobs xkeycaps xkobo xkobo xl2tpd xlbiff xless xlhtml xlife
xloadimage xlog xmahjongg xmake xmascot xmcd xmedcon xmine xminehunter
xmix xmlrpc-c xmlrpc-epi xmlsec xmlwf xmmix xmms xmms-shn xmms-sid
xmms-speex xmms-wavpack xmms2 xmms2-scrobbler xmoto xmris xnc xnecview
xneko xnp2 xoris xorp xpad xpaint xpat2 xpdf xpilot xplanet xplot
xpostit xpostitPlus xprompt xps xquote xruskb xsane xsane xscavenger
xscorch xscrabble xscreensaver xscribble xskat xspread xtacy xtar
xteddy xtermset xtraceroute xtrkcad xvkbd xwelltris xwelltris xwpe
xzgv xzip yabause yafc yasm yaz yencode ykpers yle-dl yorick ytalk
ytalk ytree zangband zangband zaz zbar zebedee zeromq zh-bg5pdf zile
zint zip ziproxy zkt zmtx-zmrx zoo zoom zsh zsnes zsync zziplib zzuf
I'm not going to bother including the data for strcat.
So 50% of software still calls strcpy. There is no way they have
all been audited to avoid overflow.
Following this, a few more observations are in order:
(1) Remarkably, four pieces off software still use gets(3)
chipmunk Wnn alpine metamail
(2) sprintf is still pretty popular. 1810 (51% of 3535) packages use it.
arc bzip2 fastjar gcpio gshar+gunshar gtar gtar ha libarchive libzip
lxsplit lzo lzo2 macutil nulib par2cmdline ucl unace unarj unrar unzip
xdms zip zoo zziplib celestia dgpsip gcal libnova luna sattrack
stellarium sunclock wmglobe xearth xephem akode amarok aqualung ardour
ario ascd aubio audacious-plugins audacity aumix calf cdparanoia
clementine cmt cmu-sphinx3 cmu-sphinxbase cuetools deadbeef easytag
esound espeak faac faad flite fluidsynth gimmix gnomad2 grip gtkpod
herrie hydrogen id3ed id3lib jack ksmp3play lame libao libcanberra
libcddb libcdio libcue liblo libmad libmikmod libmodplug libmp3splt
libmusicbrainz libmusicbrainz5 libnjb libofa lmms mac madplay mikmod
milkytracker mp3blaster mp3gain mp3info mp3info mp3wrap mpg123 mpg321
mscore multimux musepack nap normalize nosefart p5-Audio-FLAC-Header
p5-Audio-Scan pms pulseaudio py-ogg rhythmbox rioutil rplay rsynth
ruby-id3lib ruby-id3lib ruby-id3lib schismtracker scmpc shell-fm
soundtracker sox speech-dispatcher streamripper tagtool teknap
timidity tracker tremor-tools umurmur vamp-plugin-sdk vorbis-tools
wavpack wmix wmmixer wmmp wmmp3 xcdplayer xhippo xmcd xmix xmmix xmms
xmms-shn xmms-wavpack xmms2 xmms2-scrobbler bonnie bonnie++ iozone
netperf siege xengine emboss nutdb py-biopython chipmunk geda-gaf
gerbv gnucap gtkwave kicad necpp ngspice pcb qcad qucs spice xcircuit
xnecview xtrkcad cless crxvt libchewing ttfm amtterm birda c3270 efax
fldigi gmfsk gnokii gpsk31 hamlib jpilot kermit lcdproc lrzsz
mgetty+sendfax minicom openobex pilot-link qpage scmxx seyon smstools
tlf wy60 x3270 xastir xcept xlog zmtx-zmrx dos2unix html2text ish
libdvdcss libiconv libpst libunistring mimepp mpack otf2bdf
p5-Convert-Binary-C p5-Convert-UUlib p5-JSON-XS recode ripmime trans
wv wv2 xlhtml dbh dbic++ evolution-data-server freetds gnats gq iodbc
kyotocabinet lbdb libpqxx mysql mysqlcc openldap openldap openldap23
p5-DBD-Pg p5-DBD-SQLite p5-DBD-SQLite2 p5-DBD-Sybase p5-DBD-mysql
p5-DBI p5-sybperl pg_statsinfo pg_top pgadmin3 pgpool pgtcl postgresql
postgresql-odbc py-apsw py-apsw py-mysql py-pgsql py-psycopg2
py-pygresql py-sybase qdbm redis ruby-ldap ruby-ldap ruby-ldap
ruby-mysql ruby-mysql ruby-mysql ruby-mysql ruby-swift-db-mysql
ruby-swift-db-mysql ruby-swift-db-postgres ruby-swift-db-postgres
ruby-swift-db-sqlite3 ruby-swift-db-sqlite3 ruby-tiny_tds
ruby-tiny_tds ruby-tiny_tds ruby-tiny_tds sqlite sqsh strigi virtuoso
xapian-core acpica ald apr-util apr-util argp-standalone asp2php
asp2php autogen avrdude bison blame boehm-gc boost bouml bullet bzr
ccache ccrtp cdk cflow cgdb cmake codeblocks codeworker commoncpp cook
cppunit ctm cutils cvsgraph cvsps ddd doc++ dotconf doxygen doxygen
droplet ectags erl-ejson fox fribidi gdb geany geotiff gettext gindent
git glib glib2 glog glpk gmake gobject-introspection goffice goffice08
gpatch grcs guilib gwenhywfar hs-HsSyck id-utils imake iniparser itcl
lam libast libaudiofile libconfig libdvdread libee libf2c libgsf
libgtop2 libhid libidn liblouis libmpc libmtp libofx liboil libplist
libproplist libslang libtool libusb-compat libwnck libwnck3 libyajl
libyaml llvm log4c lpc21isp luaprofiler luaprofiler m4 mico mm
monotone mpfr naken430asm nasm nspr ocaml-mlgmp ode omake opencm
openmpi openocd orc p5-Data-Structure-Util p5-Data-UUID p5-Devel-Cover
p5-Devel-NYTProf p5-Glib2 p5-IO-Tty p5-SDL p5-Term-ReadKey
p5-YAML-Syck p5-YAML-XS pccts pcre physfs plib popt proj protobuf
protobuf-c pth ptlib py-gobject py-gobject3 py-gobject3 py-guppy
py-mxDateTime py-sip pygame qt-creator ragel rapidsvn rats readline
remake ruby-home_run ruby-narray ruby-narray ruby-rb-gsl ruby-yajl
ruby-yajl sdl-image sdl-ttf sdl2-ttf sfio shapelib silc-toolkit
simulavr smpeg spidermonkey splint srecord stp subversion swig t1lib
tclcl tclthread tla ucpp udis86 vtags xmake yasm abiword axe beav
beaver bvi cooledit cooledit ee elvis elvis emacs emacs emacs emacs21
emacs21 fte hexedit hnb ht ht jed jed joe jove nano nedit nvi-m17n
nvi-m17n qscintilla scintilla scite ted traditional-vi tweak uemacs
vim vim vim vim vim vim xwpe zile drgeo gamgi gtypist BasiliskII bochs
bochs coldfire desmume dgen-sdl dgen-sdl dosbox dynamips fceux frodo
fs-uae fuse mednafen nestopia pcsxr qemu sdlmame sdlmess snes9x
spectemu spim uae vbam x48 xcopilot xhomer xnp2 yabause zsnes
zh-bg5pdf abuse allegro amph angband angband angband armagetronad
barrage beret blobby blockrage bomberclone bzflag capitan-sevilla
cgoban chocolate-doom choria chroma chromium-bsu clonekeen corewars
crimson crossfire-client csmash dangerdeep dd2 defendguin dopewars
dopewars dungeon-crawl easyrpg eduke32 egoboo einstein eliot enigma
extremetuxracer f1spirit falconseye foobillard freeciv freedroid
freedroidrpg frogatto frotz frozen-bubble gamine gargoyle gcompris
gemdropx gnuchess gnugo gnushogi golly heroes hex-a-hop irrlamb komi
lbreakout2 lgeneral lincity lincity-ng lostpixels love maelstrom
meandmyshadow micropolis minetest mirrormagic moon-buggy moonlander
moonlander moria nethack nethack nethack neverball numptyphysics omega
oolite openarena opensonic openttd pacman-arena pioneers pokerth
prboom prboom-plus puzzles qgo qstat quake2 redeclipse rftg ri-li
roadfighter rocksndiamonds scorched3d scummvm scummvm-tools sdlroids
sdlzombies slash slash slash-em slash-em snipe2d spacehulk spacezero
speeddreams spider stepmania stone-soup stone-soup sudognu
sudoku-solver supertux supertuxkart teeworlds toppler tornado tuxkart
tuxpaint tuxpaint-config uqm valyriatear vectoroids vitetris
vms-empire vodovod wanderer warmux warzone2100 wesnoth wesnoth
widelands wizznic xasteroids xbat xbattle xbill xbl xblast xboard
xboing xbomber xbreaky xbubble xcubes xdeblock xdino xgalaga-sdl
xinvaders xjewel xjig xkobo xkobo xlife xmahjongg xmine xminehunter
xminesweep xmoto xmris xonix xpat2 xpilot xscavenger xscrabble xskat
xwelltris xwelltris xzip zangband zangband zaz zoom garmindev gdal
gimgtools gpsbabel gpstk postgis py-proj qgis qlandkarte qlandkartegt
viking DevIL GraphicsMagick ImageMagick aalib agg animorph aqsis
argyll autopano-sift-c babl barcode blender cairo cal3d cqcam
darktable dcmtk dcraw dia digikam djview4 djvulibre dpic
enblend-enfuse enjoympeg evince exiftran feh flash freeimage fxtv gd
gdk-pixbuf2 gegl geomview gif2png gifsicle gmt gocr goocanvas
goocanvas2 gphoto2 gpicview gracula graphite2 hugin imlib2 inkscape
ipe iview jbig2dec kimdaba lasem lcms lcms2 lensfun leptonica libart
libcaca libexif libexif-gtk libgphoto2 libiptcdata libkdcraw libmpeg2
libpano13 libraw libvidcap libwmf lsys luvcview mandelbulber mapnik
mpeg_encode mpeg_play mscgen netpbm ocaml-camlimages opencv
openexr-viewers openimageio openjp2 openjpeg openscenegraph
p5-Image-EXIF p5-Imager pigment potrace povray pstoedit py-Imaging
py-Pillow py-matplotlib rawstudio rawtherapee ruby-rmagick
ruby-rmagick ruby-rmagick s10sh sane-backends simgear sketch tesseract
tgif tiff tkimg ufraw xanim xaos xbmbrowser xfig xmedcon xmms-kj xoris
xpaint xsane xsane xzgv zbar zint anthy ibus scim scim-anthy
scim-chewing scim-fcitx uim Wnn canna groff gwaei jvim jvim jvim jvim
kakasi kanatest kanjipad kanjips kterm kterm less mecab onew onew onew
jlint hanterm-xf STk arena chicken classpath clisp datalog expect
freehdl g77 gawk gfortran ghc gprolog guile hugs intel2gas io iverilog
jamvm jikes jimtcl librep luajit mawk mono node nqp obc ocaml oo2c
open-cobol otcl parrot pfe racket rubinius sbcl scheme48 seed7
spidermonkey swi-prolog ucblogo unicon verilator alpine altermime
archiveopteryx asmail avenger avenger bmf bogofilter bogofilter
bogofilter bogofilter bulk_mailer claws-mail claws-mail
courier-authlib courier-imap cucipop cue cyrus-imapd cyrus-imapd drac
dspam dspam dspam dspam elm evolution evolution-rss exim exim exim
exim exim faces fetchmail gmime hashcash isync libspf2 maildrop mairix
mboxgrep metamail mimedefang mixmaster nmh nmh perdition pgpsendmail
popclient poppassd py-milter sylpheed sympa teapop tkrat tnef vrfy
wmbiff wmmail wmpop3 xfaces xlbiff R abs calc cfitsio cgal ecm fftw
foma freemat gnumeric gnuplot gnuplot grace graphviz grpn hexcalc kst
libqalculate matio mcsim netcdf ntl octave p5-Math-Pari pari plplot
py-Numeric py-numpy py-scipy qhull qtoctave sc udunits wmcalc xspread
yorick amanda astrolog bible-kjv brltty cdrdao cdrdao clex deco delay
dialog digitemp findutils hfsplus jive lifelines logjam magicpoint mc
memchan most mshell openbabel pdmenu plan randtype remind rlwrap
rocrail rpm screen screen splitvt srcpd supercat tapclean teseq
uniutils viz vttest wmtimer wordnet xd xgas xless xnc xtar xtimer
ytree zzuf atomicparsley avinfo ccextractor dvdauthor ffmpeg2theora
kguitar libaacs libbluray libmms libmp4v2 libquicktime libvpx lives
lsdvd mediatomb ming minidlna mjpegtools mjpegtools mkvtoolnix
mkvtoolnix mpgtx oggz ogmrip ogmtools schroedinger subrip
subtitleripper swftools transcode x264 xine-lib xine-ui xvidcore
yle-dl GeoIP adns aget amsn ap-utils argus argus-clients arping
arpwatch avahi avahi avahi axel balance bird bird bitlbee bitlbee
bitlbee bitlbee bnc bro cadaver centerim cftp clamz climm clive crawl
curl dclib dhcping dictd dnscrypt-proxy dnsmasq dnstracer dxpc
dysnomia echoping epic4 ettercap ettercap ez-ipupdate filezilla
firewalk flickcurl flow-tools flvstreamer fmirror freetalk gloox
gmudix gopher gssdp haproxy httptunnel icb icecast ices ices2 icmpinfo
iftop igmpproxy ike-scan inadyn ipaudit irc ircII ircd-hybrid
ircd-ratbox irssi-silc isc-bind isc-dhcp jabberd jabberd jnettop
ktorrent ldistfp lftp libbgpdump libbind libcares libdnet libgadu
libircclient libnids liboauth libshout libsmi libst libtorrent libupnp
livemedia luasocket luasocket meanwhile microblog-purple mktorrent
mrtd mrtg mtr mtr mudix mutella nam ncftp neon netatalk ngrep nmap ns
nslint nslint nsping ntop ntp nylon ocsync olsrd opal openconnect
openvpn-auth-ldap osrtspproxy owamp p5-IO-Interface p5-Net-Patricia
p5-Net-RawIP p5-Net-TCLink packit pavuk pavuk pdnsd pen pidgin pidgin
pidgin-sipe pidgin-tlen pmacct poco poink poptop powerdns ptpd putty
py-adns py-libpcap quagga queso quirc radiusd-cistron rbldnsd
retroshare rrdtool rtmpdump rtorrent ruby-eventmachine
ruby-eventmachine ruby-eventmachine serf sharity-light si silc-client
silc-server silc-server sing sipcalc sipsak snort socat spectrum
ssldump ssvnc synergy tacacs+ tcludp tcpflow tcpreplay tcpslice
tcpstat tcptrace thcrut tintin++ tinyfugue tircproxy tn5250 totd trafd
trafshow trickle udns ushare uucp vncsnapshot weechat weex wget
wide-dhcp winexe wmifinfo wmwave xchat xl2tpd xmlrpc-c yafc yaz ytalk
ytalk ziproxy znc zsync leafnode newsfetch nn pan plor slrn tin trn
9wm larswm sam u9fs w9wm wily a2ps bibview cups cups-filters detex
enscript fontforge foo2zjs foomatic-filters ghostview gtklp gutenprint
gv htmldoc libXp libpaper lilypond lout lyx pdflib poppler poppler
psutils t1utils transfig aqbanking gnucash ledger osmo siag sunbird
taskwarrior tdl workrave xinvest xquote aide aircrack-ng antisniff
bfbtester bounix ccid ccrypt cfs clamav cracklib cryptcat cvechecker
cyrus-sasl2 cyrus-sasl2 cyrus-sasl2 cyrus-sasl2 cyrus-sasl2 dsniff
dsniff fcrackzip fragrouter gnupg gnupg gnupg2 gnutls hlfl
hs-cryptohash hydra its4 john libassuan libfprint libgcrypt libgsasl
libident libksba libmcrypt libnettle libotr libssh libssh2 logsurfer
luacrypto lxnb mcrypt nbaudit nss oath-toolkit opencdk opensc ophcrack
outguess p11-kit p5-Crypt-Serpent p5-Digest-Nilsimsa p5-Digest-Skein
p5-Net_SSLeay parse passwdqc pgp pgp5 pinentry py-cryptkit py-openssl
samdump2 samhain samhain samhain shash shash stegdetect steghide
strobe tcltls xca xmlsec zebedee zkt bash dash ksh93 sash scsh zsh
apcupsd augeas bacula bacula bacula bchunk bubblemon-dockapp cfengine
clusterit clusterit conky conky conky conky conky coreutils dcfldd
duplicity dvd+rw-tools dwdiff e2fsprogs eventlog freeipmi ggrep gource
grub idled ipmitool ktsuss libretto-config libvirt logstalgia modlogan
mtools multitail ncdu ntfs-3g p5-Proc-ProcessTable pciutils pv radmind
rdiff-backup rtty sdd setquota shunt skill smartmontools socket
syslog-ng tarsnap tcplist testdisk usbutils whowatch wmcb wmcube xbatt
xbattbar xjobs xps zap astmanproxy fobbit iaxclient iaxmodem libosip2
pjsua siproxd sofia-sip spandsp stuntman TclXML antiword arabica
calibre catdoc catdoc diffstat discount docbook-to-man enchant eruby
exempi gdiff glimpse gnuvd groff gsed gtranslator highlight hunspell
hyperestraier icu4c idiff iksemel isearch ispell jq lgrind libical
libwbxml libxml libxslt link-grammar lq-sp mgdiff mupdf mxml namazu
oniguruma openjade opensp ots p5-Text-Aspell p5-XML-SAX-ExpatXS par
patchutils pdftk pinfo py-lxml py-xml raptor rarian rasqal redland
ruby-hpricot ruby-hpricot ruby-hpricot ruby-nokogiri ruby-nokogiri
ruby-nokogiri ruby-rdiscount ruby-rdiscount ruby-rdiscount
ruby-redcloth ruby-redcloth ruby-redcloth rxp sablotron sgmlformat sim
sp spiff swish-e uncrustify vislcg3 wdiff xpdf analog ap2-mod_fastcgi
ap2-mod_jk apache-httpd cgit chromium chromium cntlm cronolog
dansguardian dillo elinks fcgi goaccess gtkhtml3 gtkhtml4 haserl
haserl haserl haserl hiawatha larbin libghttp lighttpd lighttpd
lighttpd lighttpd links links+ links+ man2web mod_auth_bsd
mod_auth_kerb mod_auth_pgsql mod_bandwidth mod_fastcgi mod_geoip
mod_gzip mod_jk mod_mp3 mod_mp3 mongrel2 opengroupware
p5-CGI-SpeedyCGI p5-HTML-Embperl p5-HTTP-Parser-XS pound retawq sarg
sarg slowhttptest snownews sogo sope sthttpd swiggle tidyp tinyproxy
tntnet varnish visitors w3m w3m w3m w3m webalizer webkit webkit wml
www6to4 wwwcount wwwoffle yaws Xaw3d XawMu Xdialog afterstep amiwm
asapm asfiles astime bbdate bbpager blackbox bricons byzi chbg ctwm
dbus dclock driftnet emiclock enlightenment eterm eterm fleditor fltk
fluxbox fluxter flwm freerdp fsv fvwm2 fvwm95 gbdfed gentoo goggles
gtk+ gtk+2 gtk+3 gtk2mm gtk3mm gtkdatabox i3 i3status icewm ion
irrlicht isomaster itk jwm krusader lupe mlterm mouseclock mowitz
mplayer mrxvt mterm mxconns neXtaw nitrogen ogle ogre openmotif
oroborus p5-Tk p5-Tk-TableMatrix p5-Wx piewm pypanel qt3 qvwm
ratpoison rdesktop remmina rep-gtk rox-filer roxterm rxvt rxvt-unicode
sakura sawfish sisctrl sliderule slim swisswatch tellico tkdnd tkhtml
tktable tktray tktreectrl treewm tvtwm uwm viewfax virt-viewer vlc
waimea windowmaker wmbutton wmclock wmclockmon wmii wminfo wmitime
wmmenu wmmenu wmthemeinstall wmtime wmtz wmweather wmx wterm wxWidgets
x11vnc x2vnc xantfarm xarchive xautolock xawtv xbae xcb xco xcoloredit
xdaliclock xdesktopwaves xdmchoose xdtm xdu xfed xfm xforms xglobe
xglobe xgrab xkeycaps xloadimage xmascot xmold xplot xpostit
xpostitPlus xprompt xruskb xscreensaver xscribble xtacy xtraceroute
xtu xvkbd xwrits xzoom yeahconsole
Quite worrying. The odds of overflow or truncation are very high.
(2) The above sprintf numbers are quite worrying. On the bright side,
snprintf utilization is probably better than a few years ago.
1810 (38% of 3535) of packages use it.
gcpio gshar+gunshar gtar gtar libarchive libmspack libtar libzip lzop
par2cmdline sltar unshield xz celestia dgpsip gcal wmspaceweather
aqualung ardour audacious audacious-plugins cdparanoia celt celt051
celt07 cmu-sphinxbase daapd deadbeef easytag esound espeak fluidsynth
gimmix gmpc gnomad2 gqmpeg grip gtkpod herrie hgd hydrogen jack libao
libcanberra libcdaudio libcddb libcdio liblo libmikmod libmp3splt
libmpd libmpdclient libnjb libsndfile libworkman lmms midish mikmod
milkytracker mp3blaster mp3splt mp3splt-gtk mpc mpd mpd mpdscribble
mpg123 mpg321 mt-daapd multimux mumble ncmpc nosefart openal opennap
opus-tools p5-Audio-Scan pianobar pms pulseaudio py-vorbis rioutil
rplay rtunes schismtracker shell-fm soundtracker sox speech-dispatcher
speex streamripper swh-plugins tagtool teknap timidity twolame umurmur
vagalume vorbis-tools vorbisgain wmmp wmmp3 wmtune wmtune xhippo
xmms-mad xmms-sid xmms2 xmms2-scrobbler xmp blogbench bonnie++ httperf
netperf siege sysbench sysbench sysbench nutdb geda-gaf gerbv gtkwave
kicad ngspice pcb xcircuit amtterm birda c3270 conserver efax fldigi
gnokii hamlib hylafax hylafax jpilot lcdproc minicom obexftp owx
picocom pilot-link scmxx smstools tlf wy60 xastir libdvdcss libpst
libunistring p5-Convert-UUlib p5-JSON-XS p5-Unicode-LineBreak pflogx
ripmime wv2 apache-couchdb dbic++ evolution-data-server freetds gnats
gq iodbc kyotocabinet leveldb libdbi libdbi-drivers luadbi luadbi
mysql openldap openldap openldap23 p5-DBD-Pg pg_statsinfo pg_top
pgadmin3 pgbouncer pgpool postgresql postgresql-odbc postgresql-plv8
py-ldap redis repmgr ruby-amalgalite ruby-bdb ruby-do_postgres
ruby-do_postgres ruby-mysql ruby-mysql strigi tdb virtuoso xapian-core
ORBit2 atlas autogen avrdude bzr ccrtp cflow cgdb check chmlib
cmockery codeblocks commoncpp cppcheck cscope cunit cvslock cvsps
darcs dotconf doxygen doxygen droplet erl-ejson erl-jiffy flex gdb
geany gettext gflags git glib2 glog gmp gpatch gtest gwenhywfar
harfbuzz imake json-c lam libast libaudiofile libclog libconfig
libdaemon libdvdread libee libgtop2 libhid libio libivykis libixp
libmagic libmemcached libmtp liboil libplist libsoup libspectrum
libusb-compat libusb1 libxsvf libyajl llvm log4c lua-cjson lua-cjson
m4 mcs mowgli mspdebug mysql++ nasm ninja ocaml-pcre omake opencm
openmpi openocd orc p5-Devel-NYTProf physfs protobuf protobuf-c
py-gobject py-gobject3 py-gobject3 py-radix py-setproctitle
py-setproctitle pygame pysvn readline remake ruby-home_run ruby-kgio
ruby-ncurses sdl sdl-sound sfio simulavr sparsehash splint srecord
startup-notification subversion tclcl tla varconf vte vte3 abiword
dhex emacs emacs emacs fte gummi hnb ht ht joe ldapvi nvi nvi nvi-m17n
nvi-m17n scite se zile drgeo verbiste BasiliskII bochs bochs coldfire
desmume dgen-sdl dgen-sdl dosbox dynamips fceux frodo fs-uae fuse
fuse-utils gxemul mednafen nestopia openmsx qemu sdlmame sdlmess
snes9x stella vbam xnp2 abuse afternoonstalker armagetronad barrage
batrachians blobby blobwars burgerspace bzflag capitan-sevilla
chocolate-doom chroma clines clonekeen corewars cosmosmash
crossfire-client csmash dangerdeep defendguin dungeon-crawl eboard
eduke32 egoboo einstein eliot enigma extremetuxracer f1spirit
freedroidrpg frozen-bubble gargoyle glsfcave grhino gtetrinet
hex-a-hop icebreaker irrlamb kobodeluxe kobodeluxe late lbreakout2
lincity-ng manaplus meandmyshadow micropolis minetest moonlander
moonlander netris numptyphysics oilwar openarena opensonic openttd
openxcom pingus pioneers pokerth prboom prboom-plus pushover qstat
quake2 roadfighter scorched3d scummvm scummvm-tools snipe2d spacezero
spatial speeddreams stepmania stone-soup stone-soup sudognu
sudoku-solver supertux supertuxkart teeworlds toppler tutris tuxpaint
tuxpaint-config uqm vodovod warmux warzone2100 wesnoth wesnoth
widelands wmtictactoe wordwarvi xboard xboing xcowsay xgalaga-sdl
xkobo xkobo xmoto xsoldier gdal geos gpsbabel osm2go postgis qgis
viking amide aqsis argyll asymptote babl blender cairo colord
darktable dcraw dmtx-utils dpic dumpmpeg exiftran exiv2 feh ffmpeg
fswebcam gegl geomview gfract giflib gphoto2 gpicview grap gtkam hugin
imlib inkscape jasper jbig2dec jhead jpeg lcms lcms2 lensfun leptonica
libcaca libdmtx libexif libgexiv2 libgphoto2 libiptcdata libkexiv2
libpano13 libqrencode libraw libvidcap luvcview mandelbulber mhgui
mscgen netpbm node-canvas opencv openimageio p5-GD p5-Image-EXIF
p5-Imager povray py-matplotlib qiv quesoglc rawstudio ruby-rmagick
s10sh sane-backends scrot simgear sxiv tesseract tgif tiff tkimg ufraw
vcdimager videod wmgrabimage wmphoto xfig xsane xsane zbar anthy ibus
scim scim-hangul scim-pinyin uim uim-chewing canna kinput2 kinput2
kinput2 jlint hanterm-xf classpath eltclsh gawk gfortran ghc hugs io
iverilog jamvm jimtcl librep libv8 mono newlisp node obc open-cobol
parrot pcc petite-chez racket rubinius sbcl swi-prolog tinyscheme
unicon abook akpop3d alpine altermime avenger avenger bmf bogofilter
bogofilter bogofilter bogofilter clamsmtp claws-mail claws-mail
courier-authlib courier-imap cue cyrus-imapd cyrus-imapd dkim-milter
dspam dspam dspam dspam evolution evolution-ews exim exim exim exim
exim fetchmail hashcash hypermail hypermail imapfilter imapproxy
ldapvacation libetpan libspf2 lumail maildrop mew milter-checkrcpt
milter-greylist milter-regex milter-spamd mimedefang mini_sendmail
mixmaster mlmmj msmtp nmh nmh nmzmail osbf-lua osbf-lua perdition
s-nail smsmail smtp-vilter smtp-vilter smtpclient solid-pop3d
solid-pop3d sympa teapop tkrat wmbiff wmmultipop3 wmpop3 R calc calcoo
fftw3 fftw3 foma freemat galculator gnumeric gnuplot gnuplot kst
libqalculate mathomatic mcl py-numpy sc udunits wcalc wmcalc amanda
brltty cdrdao cdrdao findutils geekcode gnuwatch gpsd lifelines
magicpoint memcached most openbabel randtype redshift rlwrap srcpd
supercat uniutils wmmand wordnet xcdroast zzuf dvdauthor dvdbackup
dvdstyler ffmpeg2theora imagination k3b libdv libdvdnav libmms
libmp4v2 libquicktime libvpx lives lsdvd mediatomb ming minidlna
mjpegtools mjpegtools mkvtoolnix mkvtoolnix oggz ogmrip
p5-Storable-AMF subrip subtitleripper swfmill swftools transcode
vitunes x264 xine-lib xine-ui yle-dl GeoIP adsuck aget aguri aiccu
amsn amule angst ap-utils argus argus-clients arp-scan arpcatch arpd
arping avahi avahi avahi axel balance bro btpd bwm-ng cadaver centerim
cgo climm cnupm crawl cvsync daq darkstat dclib dictd dnsmasq dnstop
dsocks ekg epic4 etherape ettercap ettercap ez-ipupdate ezstream
farstream filezilla flow-tools flowd flvstreamer fmirror fping
freetalk ftpsesame gopher gophernicus gotthard haproxy honeyd icb
icbirc icecast ices ices2 ifmcstat ifstat iftop igmpproxy ii ike-scan
inadyn iodine ipcad iperf ipfm iplog ipv6calc ircII ircd-hybrid
ircd-ratbox irssi irssi irssi-icb irssi-silc isc-bind isc-dhcp jabberd
jabberd jftpgw jnettop kismet kissd ktorrent ladvd ldistfp lftp
libbgpdump libdnet libgadu libircclient libktorrent liboauth
libpcapnav librsync libshout libtorrent libupnp livemedia lldpd
mcabber microblog-purple mosh mrtd mrtg mtr mtr mutella nbtscan ncftp
nemesis nepenthes nepim netatalk netbsd-iscsi-target nfdump ngircd
nmap ns nsping ntp nylon ocsync oidentd olsrd onioncat opal
openconnect openmdns openvmps ortp owamp p5-Net-DBus packit pavuk
pavuk pchar pdnsd pen pfstat pidgin pidgin pidgin-icb pidgin-tlen
pktstat plushs pmacct pop3gwd poptop pork powerdns pptp proxy-suite
psi pure-ftpd pure-ftpd pure-ftpd pure-ftpd pure-ftpd pure-ftpd
pure-ftpd pure-ftpd putty py-pcapy quagga radiusd-lucent rbldnsd
retroshare rrdtool rsync rsync rtmpdump rtorrent ruby-eventmachine
samba samba samba scamper si silc-client silc-server silc-server
sipcalc sipsak slurm snort socat softflowd spectrum spectrum-tools
sslh synergy tcludp tcpflow tcpreen tcpreplay tcpstat tcptrace thcrut
tn5250 tor torsocks totd transmission trickle unbound unworkable
ushare valknut vnstat vsftpd weechat wget wide-dhcpv6 winexe wmifinfo
wmnet xchat xl2tpd xmlrpc-c xmlrpc-epi xorp xprobe yersinia ysmv7
ziproxy znc zsync leafnode pan slrn tin yencode sam w9wm apvlv cups
cups-filters fontforge foomatic-filters gtklp gutenprint gv htmldoc
lilypond lss mpage poppler poppler splix aqbanking calcurse gnucash
sunbird taskwarrior workrave aide aircrack-ng amap antisniff arirang
assl bfbtester bsd-airtools ccid cfs chntpw clamav cracklib ctunnel
cvechecker cyrus-sasl2 cyrus-sasl2 cyrus-sasl2 cyrus-sasl2 cyrus-sasl2
dante dsniff dsniff erl-bcrypt fragroute fragrouter gnupg gnupg gnupg2
gnutls gpgme hlfl hydra ikeman ipguard jailkit kc klaxon libassuan
libgcrypt libgsasl libotr libpwquality libssh libssh2 libtasn1 mcrypt
netpgp node-bcrypt nss oath-toolkit openpam opensc ophcrack otpcalc
outguess p11-kit p5-Net_SSLeay pcsc-lite pinentry pwsafe pwsafe
py-bcrypt py-crack py-pykpass scanlogd scanssh sentinel siphon
smbsniff ssh-ldap-helper sshguard sshguard stegdetect stunnel
tempwatch towitoko vomit vpnc wpa_supplicant xca zebedee zkt bash nsh
osh anacron apachetop apcupsd augeas autossh bacula bacula bacula
bubblemon-dockapp cfengine clusterit clusterit colorls conky conky
conky conky conky consolekit coreutils cyphertite dcfldd ddrescue
detox diskrescue downtimed dwdiff e2fsprogs eventlog faubackup
freeipmi fsstress gamin gource gpioflicker hot-babe hotplug-diskmount
iogen ipmitool librelp libstatgrab libvirt logfmon login_ldap
login_oath logstalgia lsof modlogan monit mtools multitail multitime
ncdu ntfs-3g openpoppassd p5-Sys-Virt pciutils pftop pv radmind rancid
rsyslog shmux sleuthkit smartmontools symon syslog-ng tabled testdisk
toad toprump torture tpb tray-app upsd uptimed usbutils vifm whowatch
wmwlmon xjobs xstatbar xuvmstat ykpers astmanproxy iaxclient iaxmodem
libosip2 pjsua siproxd sofia-sip spandsp TclXML calibre clucene
diction eruby exempi gdiff gnuvd groff highlight libical liblrdf
libnxml libxml libxmlsd libxslt link-grammar mupdf mxml namazu
p5-Template p5-Text-Tmpl pinfo raptor rarian rasqal redland
ruby-redcarpet ruby-redcarpet ruby-redcarpet sablotron sphinx sphinx
tinyxml tre uncrustify urlview urlview wdiff xxdiff zoem ap2-mod_jk
aria2 bozohttpd cgit chromium chromium clearsilver cntlm dansguardian
dillo elinks ffproxy goaccess haserl haserl haserl haserl havp
hiawatha http_load http_ping junkbuster larbin lighttpd lighttpd
lighttpd lighttpd links+ links+ mod_auth_bsd mod_auth_kerb
mod_auth_pgsql mod_jk mod_ldapvhost mod_mp3 mod_mp3 mod_ruby mongrel2
mozplugger newsbeuter nostromo opengroupware polipo pound privoxy
ruby-passenger ruby-passenger ruby-unicorn sarg sarg snownews sope
spawn-fcgi squidclamav sthttpd surf tinyproxy varnish visitors
webalizer webkit webkit wml xapian-omega xombrero aewm afterstep
awesome bbpager dbus dclock dmenu driftnet dwm e16keyedit echinus
enlightenment eterm eterm evilwm fbpanel fltk fluxbox freerdp fsv gaia
golem gtk+2 gtk+3 gtk-vnc i3 i3status icewm ion irrlicht isomaster jwm
libfm mlterm mowitz mplayer mrxvt mterm netwmpager nitrogen ogle
ogle_gui ogre openmotif oroborus pbrowser pcmanfm pinot pwm rdesktop
remmina rendercheck rxvt-unicode sawfish skippy slim spectrwm
spice-gtk st stalonetray tabbed tint tkhtml treewm vlc windowlab
windowmaker wm2 wmcalclock wmclockmon wmfishtime wmthemeinstall wmtz
wmx x11vnc xbindkeys xcb xfe xforms xloadimage xplanet xrestop
xscreensaver xsel xsnow xwrits
Finally, I would like to take this opportunity to remind everyone of
this piece from the strlcpy(3) manual page found at
http://www.openbsd.org/cgi-bin/man.cgi?query=strlcpy
[...]
RETURN VALUES
Besides quibbles over the return type (size_t versus int) and signal
handler safety (snprintf(3) is not entirely safe on some systems), the
following two are equivalent:
n = strlcpy(dst, src, len);
n = snprintf(dst, len, "%s", src);
Like snprintf(3), the strlcpy() and strlcat() functions return the total
length of the string they tried to create. For strlcpy() that means the
length of src. For strlcat() that means the initial length of dst plus
the length of src.
[...]
snprintf, strlcpy, and strlcat are used in exactly the same way.
Using .o file symbols like above does not prove to us whether people
are using the APIs in the most careful way -- that would require a
source code inspection. But to provide an example, bind9 contains 114
uses of snprintf which don't check the return value to spot
truncation, with code like the following
char buf[DNS_NAME_FORMATSIZE + sizeof(": TSIG ''")];
[...]
char namebuf[DNS_NAME_FORMATSIZE];
dns_name_format(&zone->tsigkey->name, namebuf,
sizeof(namebuf));
snprintf(buf, sizeof(buf), ": TSIG '%s'",
namebuf);
Fine, maybe it is safe, of the "it has been audited, and next time
someone is here, they will audit it again". I also don't have time to
verify this or the 113 other cases, nor is it my job.
I bring this up to ask why strlcpy/strlcat are being held to some
arbitrary standard that they should handle truncation better .. when
it is the case that it is handling it JUST LIKE the commonplace
snprintf API. Right here in mainstream code, we see that snprintf's
return is not being handled, against best practice taught everywhere.
Should snprintf call abort? That's ridiculous. Should it crash?
What should it do? The fact that no other function of that sort has
ever made it into the mainstream perhaps shows the arguments are weak.
If something is better, take some real software and fix it.
To upstream authors of software who are using the functions: please
continue incorporating more of them into your software, because it is
good for the users of your software. Please check the return values
to spot truncation as described the manual page, and properly handle
that condition in the best way you can based on the location of the
call. Thanks!
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic