apr-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tristan Leask <Tristan.Le...@enghouse.com>
Subject APR a Safe C library?
Date Fri, 28 Aug 2015 10:04:35 GMT
Hi all,

Not sure if this is the right place to ask or not, so sorry if it isn't.

I am currently using the APR library in conjunction with the Active MQ CPP connector, so that
I can produce and consume topics over an Active MQ bus.  Recently I have asked to evaluate
the security of our system and the components that it uses.  One of those requirements is
to make sure that the software is protected as best as it can be from buffer exploits, and
one way of doing this is to make sure that safe C libraries are being used with C code, and
that C++ code uses safe API equivalents, e.g. strncpy() to strncpy_S().

Reading the APR site, it says that you take security very seriously, so I am assuming that
the library should be ok for this.  I could potentially get someone to look in to the code,
but I thought it would be quicker to ask first.

So, any comments?

Thanks in advance!

View raw message