API and Build Changes
Bugs and security flaws are often caused by programmer error. A common source of error is the misuse of the strcpy and strcat string functions in the C programming language. There are two common alternatives, strncpy and strncat, but they can be difficult to understand and easy to misuse, so OpenBSD developers Todd C. Miller and Theo de Raadt designed the strlcpy and strlcat functions. These functions are logical and easier to use, making it harder for programmers to accidentally leave buffers unterminated or allow them to be overflowed. They have been adopted by the NetBSD and FreeBSD projects but have not been accepted by the GNU C library. Its maintainer, Ulrich Drepper, vehemently opposes their incorporation on the grounds that programmers using them will cease to worry about the root issues inspiring their use, which may still be exploitable in a different way.
On OpenBSD, the linker has been changed to issue a warning when unsafe functions are found, such as strcpy, strcat, or sprintf, another string manipulation function that is often a cause of errors. All occurrences of these functions in the OpenBSD source tree have been replaced. In addition, a static bounds checker is included in OpenBSD in an attempt to find other common programming mistakes at compile time. Other security-related APIs developed by the OpenBSD project are issetugid and arc4random.