Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Try to make it so we can use memcpy_s and strnlen on macOS and Linux #7699

Closed
MRayermannMSFT opened this issue Jan 24, 2024 · 1 comment
Closed

Try to make it so we can use memcpy_s and strnlen on macOS and Linux #7699

MRayermannMSFT opened this issue Jan 24, 2024 · 1 comment
Assignees
@JasonYeMSFT
Labels
🧪 engineering Related to some internal engineering improvements ✅ won't fix Will not be worked on
Milestone
1.33.0

Comments

@MRayermannMSFT
Copy link
Member

Modify native code for macOS and Linux to use memcpy_s and strnlen if they are defined.
@MRayermannMSFT MRayermannMSFT added the 🧪 engineering Related to some internal engineering improvements label Jan 24, 2024
@MRayermannMSFT MRayermannMSFT added this to the 1.33.0 milestone Jan 24, 2024
@JasonYeMSFT
Copy link
Contributor

I did much more thorough investigation around the secure version of functions on Mac and Linux. I am confident that the secure version of functions are not implemented by any version of gcc or Apple clang that we may use. Given the limited usage of memcpy in our code, we can confidently say that our limited usage of these functions are secure since we always initialize the destination buffer right before the memcpy call and we guarantee that we always copy less bytes to the buffer than its size.

@JasonYeMSFT JasonYeMSFT added the ✅ won't fix Will not be worked on label Jan 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@JasonYeMSFT JasonYeMSFT

Labels
🧪 engineering Related to some internal engineering improvements ✅ won't fix Will not be worked on
Projects
None yet
Milestone
1.33.0
Development

No branches or pull requests
2 participants
@MRayermannMSFT @JasonYeMSFT