Glenn Fowler <gsf@xxxxxx> wrote, on 01 Aug 2008:
>
> On Fri, 1 Aug 2008 17:07:15 +0100 Geoff Clare wrote:
> > Glenn Fowler <gsf@xxxxxx> wrote, on 01 Aug 2008:
> > > interesting that clearenv() is labeled non-standard and
> > > then used as part of a compliant solution
>
> > Well, it does say it may be used "if available":
>
> I saw that and believe that "compliant" and "if available"
> are mutually exclusive, i.e., compliance should be w.r.t.
> the standard and not the output of ./configure
I see what you mean. It does seem a little odd at first, but it
makes sense once you realise the heading "Compliant Solution" means
the code complies with the CERT C Secure Coding Standard, whereas
the "non-standard" label means the function is not in C99/POSIX.
--
Geoff Clare <g.clare@xxxxxx>
The Open Group, Thames Tower, Station Road, Reading, RG1 1LX, England
|