Create an Account
username: password:
 
  MemeStreams Logo

MemeStreams Discussion

search


This page contains all of the posts and discussion on MemeStreams referencing the following web page: The Security Development Lifecycle : VC 2010 and memcpy. You can find discussions on MemeStreams as you surf the web, even if you aren't a MemeStreams member, using the Threads Bookmarklet.

The Security Development Lifecycle : VC 2010 and memcpy
by Security Reads at 12:54 pm EST, Feb 17, 2010

A year ago, I wrote a short post about us banning memcpy in the SDL for new code. Well, I’m happy to announce that in VC++ 2010, we have made it much easier to remove potentially insecure calls to memcpy and replace them with more secure calls to memcpy_s; it’s automagic, just like we do did for other banned functions!


 
RE: The Security Development Lifecycle : VC 2010 and memcpy
by Decius at 12:13 am EST, Feb 18, 2010

Security Reads wrote:

A year ago, I wrote a short post about us banning memcpy in the SDL for new code. Well, I’m happy to announce that in VC++ 2010, we have made it much easier to remove potentially insecure calls to memcpy and replace them with more secure calls to memcpy_s; it’s automagic, just like we do did for other banned functions!

So wait... Now the "S" actually DOES stand for "secure!?" Now all those people who figured out that we were lying about "sprintf" are REALLY gunna be confused.


 
 
Powered By Industrial Memetics