Boost logo

Boost :

From: Rob Stewart (stewart_at_[hidden])
Date: 2004-05-13 13:18:38


From: John Nagle <nagle_at_[hidden]>
>
> Remember, a major purpose of char_string is to stop buffer
> overflow attacks. It's primarily for retrofit to old
> code. New code should use <string>.

A buffer overflow occurs when data overwrites allocated memory.
A small string optimization class won't encounter that problem
unless there is insufficient memory for allocation. Thus, a
"never grows" class and a small string optimization class
permitting you to determine the stack allocation size solve the
overflow problem. (Whether permitting arbitrarily large buffers
of incoming data without overflow bugs is beneficial is another
matter.)

-- 
Rob Stewart                           stewart_at_[hidden]
Software Engineer                     http://www.sig.com
Susquehanna International Group, LLP  using std::disclaimer;

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk