|Title||MPS VC9 build failure C4996: getenv considered insecure|
|Assigned user||Richard Kistruck|
|Description||MPS VC9 build failure C4996: getenv considered insecure|
MPS build fails with Microsoft Visual C++ 2008 (version 9, aka VC9),
because of three C runtime library routines used by the
example ANSI plinth and by testlib.c. (Note: these are not in the
MPS library itself.)
Reported by VC9 as:
warning C4996: '<name>': This function or variable may be unsafe.
Consider using <other-name> instead. To disable deprecation, use
_CRT_SECURE_NO_WARNINGS. See online help for details.
mpsioan.c (fopen et al);
eventcnv.c (fopen, sscanf, strncpy)
Fix is #pragma warning ( disable : 4996 ).
Are these particular warning cases really a security risk to
production code using MPS? No.
mps_lib_telemetry_control() in mpsliban.c is only called in
telemetry-log-event varieties, which are not normally used in a
production environment. Also, it's hardly risky code.
Indeed, even reading CERT Secure Coding note ENV-00 about this,
it's hard to see what the risk is:
mpsioan.c is only used in telemetry-log-event varieties. And what's
wrong with fopen() exactly?
testlib.c is only used in MPS tests, of course, so no risk.
eventcnv.c is not used in production environment.
Could this warning show up some other genuine problem? Possibly, yes.
So should this warning be disabled globally? No.
Locally? Yes, we can do that: in mpsliban.c the getenv is in the
final function. Add a note to make it clear.
The #pragma should be ifdef'd for MPS_BUILD_MV. (VC6 accepts it,
therefore no need to ifdef for MSVC version). Note that
MPS_BUILD_MV is set by mpstd.h (target detection), which all
affected .c files include.
Same for sscanf in newly-written zcoll.c (test file).
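The local suppression described above, as an added example (not code from the MPS sources): the C4996 disable sits under ifdef MPS_BUILD_MV immediately before the final function, so every earlier function in the file is still checked. The names parse_mask, telemetry_mask_from_env and EXAMPLE_TELEMETRY_CONTROL are hypothetical, and the _MSC_VER test is an assumed stand-in for including mpstd.h.

```c
#include <ctype.h>
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>

/* Stand-in for the target detection the job says mpstd.h performs
 * (assumption: the real header defines MPS_BUILD_MV for MSVC builds). */
#if defined(_MSC_VER) && !defined(MPS_BUILD_MV)
#define MPS_BUILD_MV 1
#endif

unsigned long telemetry_mask_from_env(const char *name);

/* Hypothetical helper: strict parse of a telemetry mask. It sits above
 * the pragma, so C4996 stays enabled for it and for main(). */
static int parse_mask(const char *text, unsigned long *mask_out)
{
    char *end;
    unsigned long value;

    if (text == NULL || !isdigit((unsigned char)text[0]))
        return 0;                /* unset, empty, signed or non-numeric */
    errno = 0;
    value = strtoul(text, &end, 0);
    if (errno == ERANGE || *end != '\0')
        return 0;                /* overflow or trailing junk */
    *mask_out = value;
    return 1;
}

int main(void)
{
    printf("%lu\n", telemetry_mask_from_env("EXAMPLE_TELEMETRY_CONTROL"));
    return 0;
}

/* NOTE: keep this the final function in the file. The disable below
 * lasts to end of file, so only this function loses the C4996 check. */
#ifdef MPS_BUILD_MV
#pragma warning(disable: 4996)   /* getenv reads a debug-only setting */
#endif

unsigned long telemetry_mask_from_env(const char *name)
{
    unsigned long mask = 0;
    const char *text = getenv(name);
    return parse_mask(text, &mask) ? mask : 0;
}
```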
|Created by||Richard Kistruck|
|Created on||2008-09-29 17:27:39|
|Last modified by||Richard Kistruck|
|Last modified on||2009-02-16 15:12:24|
|History||2008-09-29 RHSK Created.|
2008-10-17 RHSK How to disable the warning in the right way & place
2008-10-20 RHSK eventcnv.c also fails; full warning text
2008-11-03 RHSK (tweak) say C4996 in job title
2009-02-16 RHSK Same for sscanf in newly-written zcoll.c (test file).
|167379||closed||2009-02-16 14:57:54||Richard Kistruck||MPS br/timing zcoll.c: (fix compiler warning for w3i3m9) VC9 warns that sscanf is unsafe; disable this warning for zcoll.c. See also job001934.|
|166497||closed||2008-10-20 15:12:15||Richard Kistruck||MPS br/vc9: under ifdef MPS_BUILDER_MV, disable warning 4996 where
necessary for VC9 builds.