views: 555
answers: 7

The C standard library is notoriously poor when it comes to I/O safety. Many functions have buffer overflows (gets, scanf), or can clobber memory if not given proper arguments (scanf), and so on. Every once in a while, I come across an enterprising hacker who has written his own library that lacks these flaws.

What are the best of these libraries you have seen? Have you used them in production code, and if so, which held up as more than hobby projects?

+2  A: 

For Windows there is a 'safe' C/C++ library.

Mitch Wheat
There are also POSIX versions of these functions, but their names are different. The rough solution is to use macros.
Robert Gould
+4  A: 

As an example of what I'm talking about, D.J. Bernstein, better known as djb, author of djbdns and qmail, has created djblib, which provides a fast, tight, secure alternative to many C standard library functions.

Benjamin Pollack
+4  A: 

This isn't really answering your question about the safest libraries to use, but most functions that are vulnerable to buffer overflows that you mentioned have safer versions which take the buffer length as an argument to prevent the security holes that are opened up when the standard methods are used.

Unless you have relaxed the level of warnings, you will usually get compiler warnings when you use the deprecated methods, suggesting you use the safer methods instead.

LeopardSkinPillBoxHat
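Added example (not from this thread or any of the answers): the two pairs the answer alludes to, written side by side in C. sprintf versus snprintf, and gets versus fgets, with the bounded version returning a status so the caller learns about truncation instead of finding out through a corrupted stack. The function names and the 16-byte buffer size are my own choices.

```c
/* Added example: unbounded call beside its bounded counterpart. */
#include <stdio.h>
#include <string.h>

enum { LINE_CAP = 16 };   /* constructed buffer size for the demo */

/* Pattern to avoid: sprintf writes however many bytes the format
 * produces, so a long 'name' runs past 'out' whatever its size.
 * Kept only as the 'before' picture; nothing in this file calls it. */
void greet_unbounded(char *out, const char *name)
{
    sprintf(out, "Hello, %s!", name);
}

/* Bounded counterpart: snprintf never writes more than n bytes
 * (terminator included) and returns the length it would have needed,
 * so truncation is detectable. Returns 1 if everything fit, 0 if not. */
int greet_bounded(char *out, size_t n, const char *name)
{
    int needed = snprintf(out, n, "Hello, %s!", name);
    return needed >= 0 && (size_t)needed < n;
}

/* gets() cannot know the buffer size; fgets() stops at n-1 bytes.
 * If no newline arrived, the rest of the line is drained so the next
 * read starts on a fresh line, and the caller is told the input was
 * too long. Returns 1 for a complete line, 0 for a truncated one,
 * -1 at end of file. */
int read_line_bounded(FILE *fp, char *buf, size_t n)
{
    if (fgets(buf, (int)n, fp) == NULL)
        return -1;
    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';
        return 1;
    }
    /* No newline: either the final line lacked one, or it did not fit. */
    int c, overflowed = 0;
    while ((c = fgetc(fp)) != EOF && c != '\n')
        overflowed = 1;
    return overflowed ? 0 : 1;
}

int main(void)
{
    char line[LINE_CAP], out[LINE_CAP];
    printf("name? ");
    int st = read_line_bounded(stdin, line, sizeof line);
    if (st < 0)
        return 1;
    if (st == 0)
        printf("(input longer than %d bytes, truncated)\n", LINE_CAP - 1);
    if (!greet_bounded(out, sizeof out, line))
        printf("(greeting truncated)\n");
    puts(out);
    return 0;
}
```

The status returns are the point: a bounded call that silently truncates trades a memory corruption bug for a logic bug, so the length check and the truncation signal belong together.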
A: 

Maybe the first question to ask is if you really need plain C? (maybe a language like .net or java is an option - then e.g. buffer overflows are not really a problem anymore)

Another option is maybe to write parts of your project in C++ if other higher level languages are not an option. You can then have a C interface which encapsulates the C++ code if you really need C.

Because if you add all the advanced functions the C++ standard library has built in - your C code would only be marginally faster most times (and contain a lot more bugs than an existing and tested framework).

Fionn
You're of course correct that avoiding C when not necessary is the best option, but there are times--including writing extensions to languages like Python--where you *have* to code in it, and it's nicer at those times to have a better library.
Benjamin Pollack
A: 

I believe the Apache Portable Runtime (apr) library is safer than the standard C library. I use it, well, as part of an Apache module, but also for independent processes.

Yuval F
+5  A: 

I use the GLib library, it has many good standard and non standard functions.

See http://library.gnome.org/devel/glib/2.18/

and maybe you fall in love... :)

For example:

http://library.gnome.org/devel/glib/2.18/glib-String-Utility-Functions.html#g-strdup-printf

explains that g_strdup_printf is:

Similar to the standard C sprintf() function but safer, since it calculates the maximum space required and allocates memory to hold the result.

kliketa
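Added example (my own code, not GLib's): what the quoted g_strdup_printf contract, "calculates the maximum space required and allocates memory to hold the result", looks like in plain C, for a project that cannot pull in GLib. The name xstrdup_printf is an assumption of mine; the technique is the standard two-pass vsnprintf, first with a zero-length buffer to measure, then into a buffer of exactly that size.

```c
/* Added example: measure-then-allocate formatting, plain C99. */
#include <stdarg.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Format into a freshly allocated string sized from a measuring pass.
 * Returns NULL if formatting or allocation fails; the caller frees. */
char *xstrdup_printf(const char *fmt, ...)
{
    va_list ap, ap2;
    va_start(ap, fmt);
    va_copy(ap2, ap);                 /* second pass needs its own copy */

    /* Pass 1: a NULL/0 buffer makes vsnprintf report the length needed. */
    int needed = vsnprintf(NULL, 0, fmt, ap);
    va_end(ap);
    if (needed < 0) {
        va_end(ap2);
        return NULL;
    }

    char *buf = malloc((size_t)needed + 1);
    if (buf == NULL) {
        va_end(ap2);
        return NULL;
    }

    /* Pass 2: the buffer is exactly large enough, so nothing truncates. */
    int written = vsnprintf(buf, (size_t)needed + 1, fmt, ap2);
    va_end(ap2);
    if (written != needed) {          /* argument list changed under us? */
        free(buf);
        return NULL;
    }
    return buf;
}

int main(void)
{
    /* Constructed input long enough that a fixed 64- or 256-byte
     * sprintf buffer would have overflowed. */
    char big[300];
    memset(big, 'x', sizeof big - 1);
    big[sizeof big - 1] = '\0';

    char *s = xstrdup_printf("user=%s uid=%d note=[%s]", "alice", 1000, big);
    if (s == NULL)
        return 1;
    printf("%zu bytes: %.30s...\n", strlen(s), s);
    free(s);
    return 0;
}
```

The cost is a second formatting pass and a heap allocation per call, which is the trade GLib makes too; in exchange the result can never be cut short or overrun because its size is derived from the actual arguments rather than guessed at compile time.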
A: 

You're always at liberty to implement any library you like and to use it - the hard part is making sure it is available on the platforms you need your software to work on. You can also use wrappers around the standard functions where appropriate.

Whether it is really a good idea is somewhat debatable, but there is TR24731 published by the C standard committee - for a safer set of C functions. There's definitely some good stuff in there. See this question: Do you use the TR 24731 Safe Functions in your C code?, which includes links to the technical report.

Jonathan Leffler
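Added example (my own code, not the committee's text and not a vendor's libc): the answer mentions both writing wrappers around the standard functions and TR 24731. Here is a wrapper written to the TR 24731 contract for strcpy_s and strnlen_s, usable on a toolchain that ships no Annex K. The tr_ prefix and the TR_RSIZE_MAX value are my assumptions; the behaviour (runtime-constraint checks, destination set to the empty string on a violation, nonzero errno_t returned) follows the report as I read it.

```c
/* Added example: TR 24731-style strcpy_s/strnlen_s written as portable wrappers. */
#include <errno.h>
#include <stddef.h>
#include <stdint.h>
#include <string.h>

typedef int    tr_errno_t;   /* zero on success, nonzero on a violation */
typedef size_t tr_rsize_t;   /* "reasonable" size: bounded by RSIZE_MAX */
/* Assumed value: the report lets each implementation pick; half the
 * address space is the common choice and catches negative-turned-huge sizes. */
#define TR_RSIZE_MAX (SIZE_MAX >> 1)

/* strnlen_s: like strnlen, but a NULL pointer yields 0 instead of a fault. */
size_t tr_strnlen_s(const char *s, tr_rsize_t maxsize)
{
    if (s == NULL)
        return 0;
    size_t n = 0;
    while (n < maxsize && s[n] != '\0')
        n++;
    return n;
}

/* strcpy_s: copy s2 into s1, which holds s1max bytes. Runtime constraints:
 * non-NULL pointers, 0 < s1max <= RSIZE_MAX, s2 fits with its terminator,
 * and the two regions do not overlap. On a violation the destination (when
 * addressable) becomes "", so a caller that ignores the return value still
 * holds a terminated string rather than stale bytes. */
tr_errno_t tr_strcpy_s(char *s1, tr_rsize_t s1max, const char *s2)
{
    if (s1 == NULL || s1max == 0 || s1max > TR_RSIZE_MAX)
        return EINVAL;
    if (s2 == NULL) {
        s1[0] = '\0';
        return EINVAL;
    }
    size_t len = tr_strnlen_s(s2, s1max);
    if (len >= s1max) {                  /* no room for the terminator */
        s1[0] = '\0';
        return ERANGE;
    }
    uintptr_t d = (uintptr_t)s1, s = (uintptr_t)s2;
    if ((s >= d && s < d + s1max) || (d >= s && d <= s + len)) {
        s1[0] = '\0';                    /* overlapping regions */
        return EINVAL;
    }
    memcpy(s1, s2, len + 1);
    return 0;
}

int main(void)
{
    char dst[8];
    /* Fits: 7 characters plus terminator. */
    tr_errno_t rc = tr_strcpy_s(dst, sizeof dst, "seven77");
    /* Does not fit: 8 characters need 9 bytes, so dst becomes "". */
    tr_errno_t rc2 = tr_strcpy_s(dst, sizeof dst, "exactly7");
    return (rc == 0 && rc2 != 0 && dst[0] == '\0') ? 0 : 1;
}
```

The part worth copying even if you never adopt the rest of TR 24731 is the failure mode: a bounded copy that cannot complete leaves a well-defined empty string and a checkable return code, instead of either overrunning (strcpy) or leaving an unterminated buffer (strncpy).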