Re: [Lit.] Buffer overruns

From: Mok-Kong Shen (mok-kong.shen_at_t-online.de)
Date: 12/17/04

  • Next message: Douglas A. Gwyn: "Re: [Lit.] Buffer overruns"
    Date: Fri, 17 Dec 2004 03:20:46 +0100

    karl malbrain wrote:

    > "Mok-Kong Shen" <mok-kong.shen@t-online.de> wrote:
    >
    >>karl malbrain wrote:
    >>
    >>>Yes, that's the general argument here -- C is perfectly fine for creating
    >>>applications that are safe -- there's nothing inherently wrong with C. You
    >>>build safety in from the ground up. I gave you an example of a ground level
    >>>loop. Here it is again:
    >>>
    >>>do { opcode = nextop(env); env->status = (env->fcns[opcode])(env); }
    >>>while( env->status == OK );
    >>>
    >>>I only have to prove two things here: that the loop terminates and that its
    >>>array reference is in bounds. I can easily do both given the next layer up.
    >>>What do I need Ada for? extra expense? I cannot afford it. karl m
    >>
    >>That's your opinion and your business. That doesn't mean
    >>everybody is like you. Even the original topic, buffer overruns,
    >>may not be of your concern, but some others think that certain
    >>safety measures could be helpful, as expressed in this thread.
    >
    > The point is that you shouldn't be doing LESS than I'm doing here,
    > regardless of the language used. You need to establish a proof of
    > correctness at the bottom and work up, not look for some language "crutch"
    > to miss and avoid steps. karl m

    If you 'define' C to be the 'bottom' (where you even establish
    a proof of correctness) that you uniquely 'need', then you
    certainly leave no room for argumentation by others in the
    first place.

    M. K. Shen
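The loop quoted above, as an added example that is not code from the thread: a small dispatch loop of the same shape, arranged so that the two obligations karl malbrain names (termination, and an in-bounds `env->fcns[opcode]`) follow from checks inside the loop's own layer rather than from a promise by the layer above. The opcode and status names, the fuel counter and the `OP_LOOP` backward jump are assumptions constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>

/* Added example, not code from the thread. Opcode and status names, the fuel
 * counter and OP_LOOP are constructed here to make both proof obligations
 * (termination, in-bounds table index) local to this loop. */
enum opcode { OP_HALT, OP_INC, OP_DBL, OP_LOOP, OP_INVALID, NOPS };
enum status { OK, DONE, ERR_BADOP, ERR_BUDGET };

struct env;
typedef int (*fcn_t)(struct env *);
struct env {
    const uint8_t *code; size_t len, pc;   /* program bytes and cursor */
    int status; long acc; unsigned budget; /* budget: iterations still allowed */
    fcn_t fcns[NOPS];
};

/* Bounds obligation: every value returned here is < NOPS. A byte that names no
 * operation maps to OP_INVALID; running off the end of the program yields OP_HALT. */
static unsigned nextop(struct env *e) {
    if (e->pc >= e->len) return OP_HALT;
    uint8_t b = e->code[e->pc++];
    return b < OP_INVALID ? b : OP_INVALID;
}

static int op_halt(struct env *e)    { (void)e; return DONE; }
static int op_inc(struct env *e)     { e->acc += 1; return OK; }
static int op_dbl(struct env *e)     { e->acc *= 2; return OK; }
static int op_loop(struct env *e)    { e->pc = 0; return OK; }   /* backward jump */
static int op_invalid(struct env *e) { (void)e; return ERR_BADOP; }
/* Termination obligation: budget strictly decreases on every pass, so the loop
 * runs at most budget+1 times even when OP_LOOP rewinds pc. */
static void run(struct env *e) {
    do {
        if (e->budget == 0) { e->status = ERR_BUDGET; break; }
        e->budget--;
        unsigned opcode = nextop(e);            /* invariant: opcode < NOPS */
        e->status = (e->fcns[opcode])(e);
    } while (e->status == OK);
}

struct result { int status; long acc; };
/* Runs a program with the given fuel; returns the final status and accumulator. */
struct result run_program(const uint8_t *code, size_t len, unsigned budget) {
    struct env e = { code, len, 0, OK, 0, budget,
                     { op_halt, op_inc, op_dbl, op_loop, op_invalid } };
    run(&e);
    return (struct result){ e.status, e.acc };
}
```

A constructed program such as `{OP_INC, OP_LOOP}` never reaches `OP_HALT`, so without the fuel check the loop would not terminate; with it the run ends in `ERR_BUDGET`.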

