Hello Ad,
Yes ... I and many others have been aware of the safe string library for many years.
I personally see the safe string library as pointless because I believe it is no more safe than what has been used for 75 years.
I posed the following question to ChatGPT a few minutes ago:
There are millions of lines of code that use strcpy. I am aware that strcpy_s is designed to make string copying safer and I understand how it claims to achieve that. However, it doesn't take much imagination to counter those claims, considering that the third argument of strcpy_s can hold a flawed value, leading to an immediate buffer overrun. Additionally, strcpy_s and likely all of the so-called "safe strings" take longer to complete their function, resulting in measurably slower application times.
What is the adoption rate of the "safe string" library, and are there any truly compelling expert opinions to support its use?
Here is ChatGPT's response:
The adoption rate of "safe string" functions like strcpy_s varies across different programming environments and industries. These functions are primarily promoted by Microsoft and have been integrated into the Microsoft C Runtime Library. Their usage is more prevalent in environments where security and robustness are critical, such as in enterprise and government software development.
One of the main arguments for using strcpy_s and similar functions is to enhance security by preventing buffer overflows. These functions include additional parameters that specify the size of the destination buffer, enabling the function to check and ensure that the buffer is large enough to hold the copied string. This reduces the risk of buffer overruns, which are common vulnerabilities in software that can lead to security breaches.
However, there are concerns and criticisms about these functions. Critics argue that the third argument in strcpy_s (the size of the destination buffer) can still be flawed, potentially leading to the same vulnerabilities it aims to prevent. Moreover, the additional checks performed by these functions can result in longer execution times, potentially slowing down applications, especially those where performance is critical.
In terms of expert opinions, while many security professionals advocate for the use of these safer functions to mitigate risks associated with buffer overflows, others highlight that proper coding practices and thorough validation of input and output sizes are equally effective in preventing such vulnerabilities. Additionally, some experts argue that relying on these non-standard, Microsoft-specific functions can lead to portability issues and lock the codebase into a specific platform.
In summary, while strcpy_s and similar functions offer a layer of safety by design, their adoption should be considered within the context of the specific requirements and constraints of the project, and balanced with best coding practices and performance considerations.
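The mechanism the reply describes (a size argument that guards the copy) and the objection it raises (that guard is only as good as the value the caller supplies) can both be seen in working code. This is an added example, not code from the thread or from any runtime library: `bounded_copy` is a hypothetical portable stand-in for strcpy_s, and the two buffer sizes and source string are constructed for the demonstration.

```c
#include <stddef.h>
#include <string.h>
/* Portable stand-in for strcpy_s (glibc ships no Annex K).  Returns 0 on
 * success, 1 on a constraint violation; on failure dst becomes "" so a caller
 * that ignores the return value still holds a terminated string.  The real
 * strcpy_s also invokes a runtime-constraint handler; omitted here. */
int bounded_copy(char *dst, size_t dstsz, const char *src)
{
    if (dst == NULL || dstsz == 0)
        return 1;
    if (src == NULL) {
        dst[0] = '\0';
        return 1;
    }
    size_t n = 0;
    while (n < dstsz && src[n] != '\0') n++;   /* never reads past dstsz bytes of src */
    if (n >= dstsz) {                           /* no room for the terminating NUL */
        dst[0] = '\0';
        return 1;
    }
    memcpy(dst, src, n + 1);
    return 0;
}

/* Case 1: size taken from the array itself.  The overlong (constructed) source
 * is rejected and nothing is written past the buffer.  Returns 1 if so. */
int correct_size_rejects_overflow(void)
{
    char buf[16];
    const char *src = "0123456789abcdef0123456789abcdef";   /* 32 chars */
    return bounded_copy(buf, sizeof buf, src) != 0 && buf[0] == '\0';
}

/* Case 2: the "flawed third argument" from the thread.  The caller believes the
 * destination is 16 bytes but passes 64.  To observe the damage without undefined
 * behaviour, the 16-byte "intended" buffer is the front of a larger backing array
 * whose remaining bytes are 'S' sentinels.  Returns how many sentinels were overwritten. */
size_t wrong_size_bypasses_check(void)
{
    char backing[64];
    memset(backing, 'S', sizeof backing);
    const char *src = "0123456789abcdef0123456789abcdef";   /* 32 chars */
    if (bounded_copy(backing, 64 /* wrong: intended buffer is 16 */, src) != 0)
        return 0;   /* the check fired; nothing was clobbered */
    size_t clobbered = 0;
    for (size_t i = 16; i < sizeof backing; i++)
        if (backing[i] != 'S') clobbered++;
    return clobbered;   /* 32 chars + NUL land at [0..32]: 17 sentinels gone */
}
```

The second case passes the size check cleanly and still writes 17 bytes beyond the buffer the caller had in mind, which is exactly why the size argument has to be derived from the destination (for example `sizeof` on the array) rather than typed in by hand.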