Boost :

From: Rob Stewart (stewart_at_[hidden])
Date: 2004-05-13 13:18:38

• Next message: David Bergman: "RE: [boost] Re: static sized strings"
• Previous message: Robert Ramey: "[boost] boost][serialization] Adding State to Archives"
• In reply to: John Nagle: "[boost] Re: static sized strings"

From: John Nagle <nagle_at_[hidden]>
>
> Remember, a major purpose of char_string is to stop buffer
> overflow attacks. It's primarily for retrofit to old
> code. New code should use <string>.

A buffer overflow occurs when data overwrites allocated memory.
A small string optimization class won't encounter that problem
unless there is insufficient memory for allocation. Thus, a
"never grows" class and a small string optimization class
permitting you to determine the stack allocation size solve the
overflow problem. (Whether permitting arbitrarily large buffers
of incoming data without overflow bugs is beneficial is another
matter.)

-- 
Rob Stewart                           stewart_at_[hidden]
Software Engineer                     http://www.sig.com
Susquehanna International Group, LLP  using std::disclaimer;

• Next message: David Bergman: "RE: [boost] Re: static sized strings"
• Previous message: Robert Ramey: "[boost] boost][serialization] Adding State to Archives"
• In reply to: John Nagle: "[boost] Re: static sized strings"

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk