[gdal-dev] Call for review on RFC 105: Add and use safe path manipulation functions
Kurt Schwehr
schwehr at gmail.com
Mon Jan 13 14:45:01 PST 2025
While not exciting, definitely important. I didn't see anything to comment
on in the RFC.
Thanks for working on this!
-Kurt
On Mon, Jan 13, 2025 at 7:57 AM Even Rouault via gdal-dev <
gdal-dev at lists.osgeo.org> wrote:
> Hi,
>
> nothing exciting, just robustness/enhanced security.
>
> RFC 105 text: Add and use safe path manipulation functions:
> https://github.com/OSGeo/gdal/pull/11640
>
> Summary:
>
> This RFC adds safe versions, for use by C++ code, of all functions of
> cpl_path.cpp (such as CPLGetPath(), CPLGetDirname(), CPLGetBasename(),
> CPLGetExtension(), CPLGetFormFilename(), CPLGetFormCIFilename(), etc.),
> that returns a result stored in more or less ephemeral storage, to avoid
> potential security issues related to their mis-use. It also covers
> converting most of the code base to the safer alternatives.
>
> Even
>
> -- http://www.spatialys.com
> My software is free, but my time generally not.
> Butcher of all kinds of standards, open or closed formats. At the end, this is just about bytes.
>
> _______________________________________________
> gdal-dev mailing list
> gdal-dev at lists.osgeo.org
> https://lists.osgeo.org/mailman/listinfo/gdal-dev
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.osgeo.org/pipermail/gdal-dev/attachments/20250113/95f04b13/attachment.htm>
More information about the gdal-dev
mailing list