Example: Use of a different library than the standard C libraries
Pros:
Eliminates problems with unsafe library function calls in C/C++
Cons:
Existing code has to be modified
Programmers have to become familiar with a different set of libraries
Often only the string and memory handling functions are replaced, while OS-specific standard library functions (file handling, environment variable access) are left in place and can still lead to buffer overflows
Not all buffer overflows are caused by library functions
What happens when a buffer's limit is reached? Does the program halt? Is the string truncated? Is an exception generated? The replacement library must define this, and the program must handle each outcome
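The following is an added example, not code from any real replacement library. It sketches a hypothetical bounded substitute for strcpy() (bounded_copy, a name assumed here) and the three answers to the question above: truncate, halt, or report an error to the caller. It also illustrates the con about OS-specific functions: the string library cannot bound what getenv() returns, so the value still has to pass through a bounded copy. The long value is a constructed stand-in for an attacker-controlled environment variable; nothing is read from the real environment.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Added example: a hypothetical bounded replacement for strcpy() and three
 * policies for the moment the destination limit is reached. Names are
 * assumptions, not the API of any real library. */

enum copy_result { COPY_OK = 0, COPY_TRUNCATED = 1, COPY_BAD_ARGS = 2 };

/* Copy src into dst (capacity dst_size bytes). Never writes past dst,
 * always NUL-terminates, and reports truncation instead of hiding it. */
enum copy_result bounded_copy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || dst_size == 0)
        return COPY_BAD_ARGS;
    size_t src_len = strlen(src);
    if (src_len < dst_size) {             /* fits, including the NUL */
        memcpy(dst, src, src_len + 1);
        return COPY_OK;
    }
    memcpy(dst, src, dst_size - 1);       /* keep what fits... */
    dst[dst_size - 1] = '\0';             /* ...and terminate */
    return COPY_TRUNCATED;
}

/* Policy 1: truncate and carry on. No overflow, but the caller may now
 * operate on a silently shortened path or name. */
void copy_truncate(char *dst, size_t dst_size, const char *src)
{
    (void)bounded_copy(dst, dst_size, src);
}

/* Policy 2: halt. Overflow is treated as a programming error; the
 * process dies instead of continuing with corrupted data. */
void copy_or_abort(char *dst, size_t dst_size, const char *src)
{
    if (bounded_copy(dst, dst_size, src) != COPY_OK) {
        fputs("copy_or_abort: destination too small\n", stderr);
        abort();
    }
}

/* Policy 3: signal the caller (the nearest thing C has to an exception).
 * Returns 0 on success, -1 if the copy did not fit; dst is left empty. */
int copy_checked(char *dst, size_t dst_size, const char *src)
{
    if (bounded_copy(dst, dst_size, src) != COPY_OK) {
        if (dst != NULL && dst_size > 0)
            dst[0] = '\0';
        return -1;
    }
    return 0;
}

/* OS-specific input the string library does not bound: an environment
 * value. 'value' stands in for what getenv() would return (constructed
 * by the caller here, not read from the real environment). */
enum copy_result store_env_value(char *dst, size_t dst_size, const char *value)
{
    /* Unsafe pattern this replaces: strcpy(dst, getenv("HOME")); */
    return bounded_copy(dst, dst_size, value);
}

int main(void)
{
    char buf[16];
    /* constructed attacker-style value, longer than the 16-byte buffer */
    const char *long_value = "/home/user/this/path/is/much/longer/than/sixteen/bytes";

    enum copy_result r = store_env_value(buf, sizeof buf, long_value);
    printf("store_env_value: result=%d buf=\"%s\" len=%zu\n",
           (int)r, buf, strlen(buf));

    if (copy_checked(buf, sizeof buf, long_value) != 0)
        puts("copy_checked: rejected oversized value");

    copy_truncate(buf, sizeof buf, "short");
    printf("copy_truncate: \"%s\"\n", buf);
    return 0;
}
```

Whichever policy a replacement library picks, the program has to be written for it: silent truncation keeps the process alive but can turn "/etc/passwd.bak" into "/etc/passwd", aborting turns every oversized input into a denial of service, and an error return only helps if every call site checks it.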