...
```c
#include <stdio.h>
#ifndef __USE_ISOC99
/* reimplements vsnprintf() */
#include "my_stdio.h"
#endif
```

Risk Assessment
Replacing secure functions with less secure functions is a very risky practice because developers can easily be fooled into trusting the function to perform a security check that is absent. This may be a concern, for example, as developers attempt to adopt more secure functions, such as the ISO/IEC TR 24731-1 functions (see STR07-A. Use TR 24731 for remediation of existing string manipulation code), that might not be available on all platforms.
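
The following added example (not part of the original page) shows a fallback for a TR 24731-1 style bounded copy that keeps the bounds check callers depend on, with the risky macro replacement shown only in a comment for contrast. The name fallback_strcpy_s and the sample strings are assumptions made for illustration.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Risky replacement (shown only for contrast, never enabled):
 *   #define strcpy_s(dest, destsz, src) (strcpy((dest), (src)), 0)
 * Callers still pass destsz and trust it, but the check is gone. */

/* Hypothetical fallback for platforms without the bounded function.
 * It keeps the contract callers rely on: never write more than destsz
 * bytes, always leave dest NUL-terminated, return nonzero on failure. */
int fallback_strcpy_s(char *dest, size_t destsz, const char *src)
{
    size_t i;

    if (dest == NULL || destsz == 0)
        return EINVAL;
    if (src == NULL) {
        dest[0] = '\0';
        return EINVAL;
    }
    /* Copy up to destsz bytes, stopping at the terminator. */
    for (i = 0; i < destsz; i++) {
        dest[i] = src[i];
        if (src[i] == '\0')
            return 0;            /* whole string fit, terminator included */
    }
    dest[0] = '\0';              /* too long: leave an empty string */
    return ERANGE;
}

int main(void)
{
    char buf[8];                 /* constructed sample buffer */
    int rc;

    rc = fallback_strcpy_s(buf, sizeof buf, "longer-than-8-bytes");
    printf("rc=%d buf=\"%s\"\n", rc, buf);
    rc = fallback_strcpy_s(buf, sizeof buf, "short");
    printf("rc=%d buf=\"%s\"\n", rc, buf);
    return 0;
}
```

A caller that ignores the return value still ends up with a terminated, empty buffer rather than an overflow, which is the property the macro replacement silently removes.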
...