Microsoft Bans Memcopy()
This seems smart:
Microsoft plans to formally banish the popular programming function that's been responsible for an untold number of security vulnerabilities over the years, not just in Windows but in countless other applications based on the C language. Effective later this year, Microsoft will add memcpy(), CopyMemory(), and RtlCopyMemory() to its list of function calls banned under its secure development lifecycle.
Here's the list of banned function calls. This doesn't help secure legacy code, of course, but you have to start somewhere.
Posted on May 20, 2009 at 6:17 AM • 85 Comments