[Passwordsafe-devel] Concerns with use of security enhanced string functions
From: Steffen R. <ste...@st...> - 2007-02-22 22:17:16
Hi,

recently I decided to dedicate myself to helping with porting pwsafe to PocketPC. So far, I have managed to configure the build environment correctly (at least I hope it is) for PocketPC compilation.

The trouble now is that in the corelib project alone 244 compile errors are raised, many of them referring to security enhanced string functions introduced with CRT 8.0/VS2005 (e.g. _stprintf_s is used instead of the earlier _stprintf). Though these function calls are in #ifdef blocks testing for VS2005 or newer, this doesn't seem to be good enough. I suppose these new functions are available only in the native Win32 C library, not in the PocketPC versions.

Additionally, there seem to be backwards compatibility issues with some of these functions. According to, for instance, http://msdn2.microsoft.com/en-us/library/ce3zzk1k(VS.80).aspx , _stprintf_s is identical to swprintf_s, but this is not supported by Win9x.

Thus, I want to raise the question whether it is a good idea to make use of these security enhanced functions, in our opinion. I can see two possible solutions for that:

1. Leave these new functions aside and stick to ANSI C string operations.
2. Use the new functions wherever possible. To improve the code then, the differentiation between old and new functions should be encapsulated in one class. On the other hand, this wouldn't solve backwards compatibility issues.

I'm personally more in favour of the first approach, because it makes porting to other platforms and OSs easier.

One point concerning the port to PocketPC: Don't expect so much progress soon, as I'm not so familiar with C++ and with pwsafe's source code. This forces me to read a lot first :-) However, I'm planning to post a few questions and ideas soon, continuing the discussion Robert Altmann kicked off last year. But I'm not ready with these yet.

Any comments?

Cheers,
Steffen
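
The encapsulation raised in option 2, sketched as an added example that is not part of the original post and is not pwsafe code: a single bounded-format wrapper that uses the CRT 8.0 call where it exists and the portable `vsnprintf` elsewhere, reporting truncation the same way on both paths. The name `bounded_format`, the narrow-character interface, and the `_WIN32_WCE` guard (which follows the post's supposition that the PocketPC CRT lacks the `_s` functions) are assumptions.

```cpp
#include <cstdarg>
#include <cstddef>
#include <cstdio>
#include <cstring>

// Hypothetical wrapper: the only place that knows which CRT is in use.
// Returns the number of characters written (excluding the terminating NUL),
// or -1 if an argument is invalid or the output did not fit. On failure the
// buffer holds an empty string, so callers never see a truncated value.
int bounded_format(char *buf, std::size_t size, const char *fmt, ...)
{
    if (buf == NULL || size == 0 || fmt == NULL)
        return -1;

    va_list ap;
    va_start(ap, fmt);
#if defined(_MSC_VER) && (_MSC_VER >= 1400) && !defined(_WIN32_WCE)
    // VS2005 or newer, desktop CRT (assumed guard). With _TRUNCATE the call
    // returns -1 on truncation instead of invoking the invalid-parameter handler.
    int n = _vsnprintf_s(buf, size, _TRUNCATE, fmt, ap);
#else
    // Portable path: vsnprintf returns the length the full output would
    // have had, so a value >= size means the output was cut short.
    int n = std::vsnprintf(buf, size, fmt, ap);
    if (n >= 0 && static_cast<std::size_t>(n) >= size)
        n = -1;
#endif
    va_end(ap);

    if (n < 0) {
        buf[0] = '\0';   // fail closed: no partial string left behind
        return -1;
    }
    return n;
}

int main()
{
    char small[8];
    // Constructed sample inputs: one that fits, one that is a byte too long.
    int ok  = bounded_format(small, sizeof small, "%s-%d", "ab", 7);
    std::printf("fits: %d \"%s\"\n", ok, small);
    int bad = bounded_format(small, sizeof small, "%s", "12345678");
    std::printf("too long: %d, buffer empty: %d\n", bad, std::strlen(small) == 0);
    return 0;
}
```
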