Re: Privilege-escalation attacks on NT-based Windows are unfixable

From: Edward Elliott (nobody@127.0.0.1)
Date: 08/23/02


From: Edward Elliott <nobody@127.0.0.1>
Date: Fri, 23 Aug 2002 20:16:45 GMT

Alun Jones wrote:
> Then, too, there's the argument that strcpy is not a flaw in the language - if
> you have a function that's documented to scan for the first null-byte, and
> copy everything up to and including that byte into the destination, then you
> should, as a secure programmer, be aware that every time you call strcpy, you
> must have checked the destination is big enough to hold it! If strcpy didn't
> exist, someone would invent it, and the problem would still exist. Trying to

If strcpy didn't exist, everyone would use strncpy which is safer.
Indeed strcopy is not a fault in the language, but it is a fault in the
standard library.

-- 
Edward Elliott



Relevant Pages

  • Re: Privilege-escalation attacks on NT-based Windows are unfixable
    ... the C language and libraries are flawed ... >also pin a good deal of the blame on the flawed language itself, ... If I have a program that doesn't check a buffer passed into strcpy, ... should, as a secure programmer, be aware that every time you call strcpy, you ...
    (comp.security.misc)
  • Re: Privilege-escalation attacks on NT-based Windows are unfixable
    ... the C language and libraries are flawed ... >also pin a good deal of the blame on the flawed language itself, ... If I have a program that doesn't check a buffer passed into strcpy, ... should, as a secure programmer, be aware that every time you call strcpy, you ...
    (comp.os.ms-windows.nt.admin.security)
  • Re: IrfanView is not affected by the MS JPEG vulnerability.
    ... Which is, of course, a perfectly correct implementation of strcpy. ... >was much worse in the past when compilers would let through obvious ... The *vast* majority of the bugs I see in production code are language ...
    (rec.photo.digital)
  • Re: adding #include header file
    ... Also, C is a different language than C#, while there are similarities, they ... > strcpy;> strcpy; ... > zProcess (&parm); // dll function call that modifies certain members> of parm ...
    (microsoft.public.dotnet.languages.csharp)
  • Re: Privilege-escalation attacks on NT-based Windows are unfixable
    ... > copy everything up to and including that byte into the destination, ... > should, as a secure programmer, be aware that every time you call strcpy, you ... Indeed strcopy is not a fault in the language, but it is a fault in the ...
    (comp.security.misc)