[gdal-dev] Call for review on RFC 105: Add and use safe path manipulation functions
Even Rouault
even.rouault at spatialys.com
Mon Jan 13 07:43:48 PST 2025
Hi,
nothing exciting, just robustness/enhanced security.
RFC 105 text: Add and use safe path manipulation functions:
https://github.com/OSGeo/gdal/pull/11640
Summary:
This RFC adds safe versions, for use by C++ code, of all functions of
cpl_path.cpp (such as CPLGetPath(), CPLGetDirname(), CPLGetBasename(),
CPLGetExtension(), CPLGetFormFilename(), CPLGetFormCIFilename(), etc.),
that returns a result stored in more or less ephemeral storage, to avoid
potential security issues related to their mis-use. It also covers
converting most of the code base to the safer alternatives.
Even
--
http://www.spatialys.com
My software is free, but my time generally not.
Butcher of all kinds of standards, open or closed formats. At the end, this is just about bytes.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/gdal-dev/attachments/20250113/333777f8/attachment.htm>
More information about the gdal-dev
mailing list