[Owasp-esapi-c++] "Export" Macro
Daniel Amodio
dan.amodio at aspectsecurity.com
Fri Aug 5 09:28:32 EDT 2011
I think it's still up in the air as to whether we will use an "ESAPI"
class.
-----Original Message-----
From: owasp-esapi-c++-bounces at lists.owasp.org
[mailto:owasp-esapi-c++-bounces at lists.owasp.org] On Behalf Of Jeffrey
Walton
Sent: Thursday, August 04, 2011 6:45 PM
To: ESAPI C++ List
Subject: [Owasp-esapi-c++] "Export" Macro
Hi All,
Both Linux and Windows offer methods to mark a function as exported.
Marking functions as such has a few benefits, such as reducing the size
of an export table. In addition, marking a function will make it easy
for us to locate functions which might be subject to extra scrutiny by
an attacker. See http://gcc.gnu.org/wiki/Visibility and
http://msdn.microsoft.com/en-us/library/a90k134d%28v=VS.90%29.aspx.
Does anyone oppose an ESAPI macro to handle visibility and mark
functions for extra analysis during audits? If not, suggestions for the
macro are welcomed. Is ESAPI reserved for anything? ESAPI_API sounds
kind of corny.
Jeff
_______________________________________________
Owasp-esapi-c++ mailing list
Owasp-esapi-c++ at lists.owasp.org
https://lists.owasp.org/mailman/listinfo/owasp-esapi-c++
More information about the Owasp-esapi-c++
mailing list