"Halvar�s reaction to Microsoft�s Michael Howard hinting that memcpy may soon be verboten in Redmond code:

This is an excellent idea - and along with memcpy, malloc() should be banned. While we are at it, the addition and multiplication operators have caused so much grief over the last years, I think it would make total sense to ban them. Oh, and if we ban the memory dereference, I am quite sure we�d be safe.

Get it? He thinks banning memcpy is a bad idea!

Here�s why Michael Howard thinks memcpy is a bad idea in secure code: it copies memory from one location to another, with an unsigned (�can�t be negative�) count parameter. If you screw the count up, or use a bad offset to find the copy target, you (or your attacker) have corrupted memory."

Article Link: http://www.securityfocus.com/blogs/105