Re: [Lit.] Buffer overruns

From: karl malbrain (karl_m_at_acm.org)
Date: 12/17/04


Date: Thu, 16 Dec 2004 18:02:08 -0800


"Mok-Kong Shen" <mok-kong.shen@t-online.de> wrote in message
news:cpte1f$36c$04$1@news.t-online.com...
>
>
> karl malbrain wrote:
>
> > Yes, that's the general argument here -- C is perfectly fine for creating
> > applications that are safe -- there's nothing inherently wrong with C. You
> > build safety in from the ground up. I gave you an example of a ground level
> > loop. Here it is again:
> >
> > do { opcode = nextop(env); env->status = (env->fcns[opcode])(env); }
> > while( env->status == OK );
> >
> > I only have to prove two things here: that the loop terminates and that its
> > array reference is in bounds. I can easily do both given the next layer up.
> > What do I need Ada for? extra expense? I cannot afford it. karl m
>
> That's your opinion and your business. That doesn't mean
> everybody is like you. Even the original topic, buffer overruns,
> may not be of your concern, but some others think that certain
> safety measures could be helpful, as expressed in this thread.

The point is that you shouldn't be doing LESS than I'm doing here,
regardless of the language used. You need to establish a proof of
correctness at the bottom and work up, not look for some language "crutch"
to miss and avoid steps. karl m
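As an added illustration (not karl's code, and not from anyone in this thread), here is a tiny interpreter built around that dispatch loop, with nextop written so that the two obligations he names, a bounded array index and a terminating loop, hold by construction; env_t, the opcode handlers, the status values and the byte programs are all assumed for the example.

```c
#include <stddef.h>
#include <stdint.h>
enum { OK = 0, HALT = 1, BAD_OPCODE = 2 };   /* handler status values (assumed) */
#define NOPCODES 4                           /* size of the dispatch table */
typedef struct env env_t;
typedef int (*opfn_t)(env_t *);

struct env {
    const uint8_t *code;       /* constructed byte program */
    size_t len, pc;            /* program length and program counter */
    long acc;                  /* accumulator the handlers operate on */
    int status;
    opfn_t fcns[NOPCODES];     /* the array of function pointers */
};

/* Obligation 1 (bounds): every value returned here is < NOPCODES, so
 * env->fcns[opcode] can never index past the table, whatever bytes the
 * program contains.  Obligation 2 (termination): pc only ever grows and
 * running off the end yields opcode 0 (halt), so the loop runs at most
 * len + 1 times.  Both facts come from this "next layer up", not from the
 * loop itself; a backward-jump opcode would break obligation 2. */
static unsigned nextop(env_t *env)
{
    if (env->pc >= env->len)
        return 0;                              /* 0 = halt */
    uint8_t op = env->code[env->pc++];
    return op < NOPCODES ? op : NOPCODES - 1;  /* unknown byte -> trap */
}

static int op_halt(env_t *e) { (void)e; return HALT; }
static int op_inc(env_t *e)  { e->acc += 1; return OK; }
static int op_dbl(env_t *e)  { e->acc *= 2; return OK; }
static int op_trap(env_t *e) { (void)e; return BAD_OPCODE; }

/* The dispatch loop from the thread, with its body braced. */
int run(env_t *env)
{
    unsigned opcode;
    do {
        opcode = nextop(env);
        env->status = (env->fcns[opcode])(env);
    } while (env->status == OK);
    return env->status;
}

/* Execute a byte program; return the final accumulator, or -1 if the
 * program hit an unknown opcode (the trap handler, never a stray read). */
long run_program(const uint8_t *code, size_t len)
{
    env_t env = { code, len, 0, 0, OK, { op_halt, op_inc, op_dbl, op_trap } };
    return run(&env) == HALT ? env.acc : -1;
}
```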


