Re: Stack growth direction to thwart buffer overflow attacks

From: Barry Margolin (barry.margolin_at_level3.com)
Date: 08/15/03


Date: Fri, 15 Aug 2003 20:54:45 GMT

In article <bhjdug$eu$1@pegasus.csx.cam.ac.uk>,
Nick Maclaren <nmm1@cus.cam.ac.uk> wrote:
>In article <XY9%a.130$mD.124@news.level3.com>,
>Barry Margolin <barry.margolin@level3.com> wrote:
>>In article <1060970338.228041@saucer.planet.gong>,
>>Rupert Pigott <roo@dark-try-removing-this-boong.demon.co.uk> wrote:
>>>"Barry Margolin" <barry.margolin@level3.com> wrote in message
>>>news:Sx7%a.124$mD.56@news.level3.com...
>>>> In article <bhi3mc$rgd$1@pegasus.csx.cam.ac.uk>,
>>>> Nick Maclaren <nmm1@cus.cam.ac.uk> wrote:
>>>> >Firstly, in the case of functions like strcpy, it is NOT much easier
>>>> >to provide the correct length than to do your own checking.
>>>>
>>>> Could you explain this? How could writing your own checking code be
>>>easier
>>>> than just adding one parameter to a function call?
>>>
>>>I don't want to jump in and speak for Nick here. From my OWN point
>>>of view adding a parameter is just Yet-Another-Thing-To-Get-Wrong.
>>
>>But the choice is between "doing something and possibly getting it wrong"
>>and "doing nothing which is almost always wrong". Right now we've got lots
>>of the latter.
>
>No, it isn't. There is also the choice "doing something and making
>the situation worse".

It's already pretty bad, I don't think it could really get much worse;
there are unchecked buffers all over the place, just waiting for crackers
to discover them. I guess we'll just have to agree to disagree on whether
the particular techniques we've been discussing would result in an
improvement.

-- 
Barry Margolin, barry.margolin@level3.com
Level(3), Woburn, MA
*** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups.
Please DON'T copy followups to me -- I'll assume it wasn't posted to the group.


Relevant Pages

  • Re: Stack growth direction to thwart buffer overflow attacks
    ... to discover them. ... I guess we'll just have to agree to disagree on whether ... *** DON'T SEND TECHNICAL QUESTIONS DIRECTLY TO ME, post them to newsgroups. ... Please DON'T copy followups to me -- I'll assume it wasn't posted to the group. ...
    (comp.security.unix)
  • Re: Cross-posting
    ... even Outlook Express that allows you to set where followups go. ... newsgroups that the original was crossposted to, ... or the newsgroups *you* think need to see the crosspost. ... only the Pagan group and SRQ because you feel most further discussion would ...
    (soc.religion.quaker)
  • Re: His true colors
    ... *the* subject of the newsgroups is a distraction to everyone.- ... silence those with whom they disagree. ... ask favors on behalf of others. ...
    (misc.health.alternative)
  • Re: What price SP2
    ... aware of these newsgroups or are not bothered to discover what is going on ... As for defragment and other procedures they look ... > First I made a backup. ...
    (microsoft.public.windowsupdate)
  • Re: [OT] Mail-Copies-To header set to invalid address
    ... >> If it didn't make its way into an RFC, ... >> He may kindly suggest followups to a subset of the Newsgroups header or ... up messages are to be posted to the newsgroup or newsgroups listed ... It's imperative to the client software, ...
    (comp.lang.c)