Create an Account
username: password:
 
  MemeStreams Logo

RE: The Security Development Lifecycle : VC 2010 and memcpy

search


RE: The Security Development Lifecycle : VC 2010 and memcpy
by Decius at 12:13 am EST, Feb 18, 2010

Security Reads wrote:

A year ago, I wrote a short post about us banning memcpy in the SDL for new code. Well, I’m happy to announce that in VC++ 2010, we have made it much easier to remove potentially insecure calls to memcpy and replace them with more secure calls to memcpy_s; it’s automagic, just like we do did for other banned functions!

So wait... Now the "S" actually DOES stand for "secure!?" Now all those people who figured out that we were lying about "sprintf" are REALLY gunna be confused.

RE: The Security Development Lifecycle : VC 2010 and memcpy


 
 
Powered By Industrial Memetics