Re: Easily and Permanently prevent all stack buffer overflows



I forgot something:

A "buffer overflow" does not necessarily mean that the stack will be
corrupted. Buffer overflow means that a piece of code writes to a
region in memory where it shouldn't, when everything would be o.k.
(command line parameters, data from file / database / network
packets, ...). In those cases the program overwrites some other
variables / buffers in memory, so the behaviour of your program (or
some other program) changes.

In my eyes, the only way to avoid buffer overflows is to use a
programming language that provides built-in techniques that will
check things like array indices, like Java. Java reports a so-called
ArrayIndexOutOfBoundsException if your array index leaves
the valid range. Some older languages like Pascal or Modula-2 also
check these ranges by default. In C, this will be rather difficult.

Greetings from Bavaria,

Markus
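The case described in the message above, where an overflow leaves the stack's control data alone and silently changes a neighbouring variable, shown next to the explicit length check that C leaves to the programmer. This is an added example, not part of the original post; `struct account`, `is_admin`, the function names and the input bytes are all constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed record: a fixed-size buffer followed by an unrelated variable. */
struct account {
    char name[8];
    unsigned char is_admin;   /* directly after name[] in memory */
};
_Static_assert(offsetof(struct account, is_admin) == 8, "layout assumed by demo");

/* Unchecked copy: trusts the caller's length. Copying through the struct's
 * base address (capped at its size) keeps the demo itself well-defined. */
static void set_name_unchecked(struct account *a, const char *src, size_t n)
{
    if (n > sizeof *a) n = sizeof *a;
    memcpy(a, src, n);
}

/* Checked copy: the manual form of the index check Java does for you.
 * Returns 0 on success, -1 if src does not fit in name[] with its NUL. */
static int set_name_checked(struct account *a, const char *src, size_t n)
{
    if (n >= sizeof a->name) return -1;
    memcpy(a->name, src, n);
    a->name[n] = '\0';
    return 0;
}

static const char INPUT[] = "AAAAAAAA\x01";  /* constructed: 8 filler bytes + 1 */

static int demo_unchecked(void)   /* returns is_admin after the copy */
{
    struct account a = { "guest", 0 };
    set_name_unchecked(&a, INPUT, sizeof INPUT - 1);
    return a.is_admin;
}

static int demo_checked(void)     /* returns 1 if input rejected, record intact */
{
    struct account a = { "guest", 0 };
    int rc = set_name_checked(&a, INPUT, sizeof INPUT - 1);
    return rc == -1 && a.is_admin == 0 && strcmp(a.name, "guest") == 0;
}

int main(void)
{
    printf("unchecked is_admin=%d, checked rejected=%d\n", demo_unchecked(), demo_checked());
    return 0;
}
```

The unchecked path returns normally with no crash, which is why this kind of overflow tends to go unnoticed until the changed variable affects behaviour.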