Re: M$ attack on Common Sense

From: Jean-David Beyer (jdbeyer_at_exit109.com)
Date: 09/13/03


Date: Sat, 13 Sep 2003 16:22:09 -0400

conover@email.rahul.net wrote:

> IMHO, it's the *_kind_* of problems that make Windows insecure that is
> disturbing - it's a craftsmanship issue.
>
> Look at all the buffer overrun problems that have been patched in
> Microsoft products since January, (many large shops have an
> organization that is dedicated to patching Microsoft products.)
>
> Even a simple SW QA process would have found the buffer
> overruns - using a mechanical procedure, no less. For example,
> compiling with the equivalent of
> http://www.bigbiz.com/cgi-bin/manpage?3+libefence and having QA run a
> regression suite would have saved Microsoft, their customers, and the
> rest of the Internet a lot of grief over the last few months.
>
> There are more elegant solutions to the buffer overrun problem, (like
> used in OpenBSD,) but compiling with memory management QA libraries
> is a minimal standard in most commercial software shops.
>
Well, if they wrote in C++ or any other run-time environment where the
string is a datatype, it would be impossible to overrun a string, which
is the usual overrun in my experience when some input over which you
have no control (the Internet, a user, or a program working on behalf of
a user). C++ users using the C++ Standard Library have such a datatype
available, and it would be a simple matter to do something similar for
other datatypes, even objects.

-- 
   .~.  Jean-David Beyer           Registered Linux User 85642.
   /V\                             Registered Machine    73926.
  /( )\ Shrewsbury, New Jersey     http://counter.li.org
  ^^-^^ 4:15pm up 23 days, 1:41, 2 users, load average: 2.29, 2.22, 2.11
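
The contrast drawn in the reply above, as an added example that is not part of the original post: a fixed-size C buffer whose copy has to be bounded by hand, next to std::string from the C++ Standard Library, which grows to fit the input. The function names, the 16-byte buffer and the 4096-byte input are constructed for illustration.

```cpp
#include <cstddef>
#include <cstring>
#include <sstream>
#include <stdexcept>
#include <string>

// Fixed-size C buffer: the copy must be bounded by hand. Returns false when
// the input would not fit (an unchecked strcpy() here is the classic overrun).
bool copy_fixed(char (&dst)[16], const char *src) {
    std::size_t n = std::strlen(src);
    if (n >= sizeof dst) return false;      // reject instead of overrunning
    std::memcpy(dst, src, n + 1);           // n + 1 copies the terminating NUL
    return true;
}

// std::string as the datatype: getline() grows the string to fit the input,
// so there is no fixed capacity for an oversized line to exceed.
std::string read_line(std::istream &in) {
    std::string line;
    std::getline(in, line);
    return line;
}

// Indexed access is range-checked through at(): it throws std::out_of_range
// instead of touching memory past the end of the string.
bool checked_index_throws(const std::string &s, std::size_t i) {
    try { (void)s.at(i); return false; }
    catch (const std::out_of_range &) { return true; }
}

int main() {
    char buf[16];
    std::string hostile(4096, 'A');         // constructed oversized input
    std::istringstream in(hostile + "\n");
    bool fixed_ok = copy_fixed(buf, hostile.c_str());
    std::string line = read_line(in);
    // The fixed buffer refuses the input; the string holds all of it.
    return (!fixed_ok && line.size() == 4096) ? 0 : 1;
}
```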

