Re: [Lit.] Buffer overruns

From: Xcott Craver (caj_at_B-r-a-i-n-H-z.com)
Date: 12/08/04


Date: Wed, 08 Dec 2004 01:36:17 GMT

Douglas A. Gwyn <DAGwyn@null.net> wrote:
>Mok-Kong Shen wrote:
>> 'safe' programming language, e.g. ADA (would JAVA be as good?), could
>> one really 'surely' exclude such (or somewhat varied) exploits? Thanks.
>
> Programmer oversights are possible in any PL. While bounds enforcement
> would prevent *some* attacks, it cannot stop them all.
   
     In a "type-safe" language like ML, a great many security
     vulnerabilities cannot occur because they are type mismatches.
     Buffer overruns, for example, are type mismatches because the array
     size is part of its type. Code containing a buffer overrun issue
     simply cannot compile.
    
     This does not prevent all sorts of other vulnerabilities due to
     improperly implemented algorithms. But a huge number of exploited
     security flaws are mere typing errors, which wouldn't happen if you
     used a language that disallowed them.
   
     But I agree that "C is unsafe." Sure it's safer if you make sure to
     check everything, but the point is that people don't. Likewise
     you can secure a Windows box, but a lot of people don't. In the
     end what matters is the likelihood of widespread vulnerabilities
     in the real world, and the damage caused by them.
   
                                                        --X
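As an added illustration of the contrast the post draws (this is example code written for this page, not code from the post or from any ML implementation), here is the same length-prefixed record parser written twice in C: once in the unchecked style behind classic buffer overruns, and once with the bound that a type-safe language would carry in the array type made explicit and checked before any write. The record format (one length byte, then that many payload bytes), the 16-byte destination size and the sample messages are all assumptions constructed for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PAYLOAD_MAX 16   /* fixed destination size, an assumption for this example */

/* Record format assumed here: one length byte followed by that many payload bytes. */

/* Unchecked parser: trusts the length byte and never compares it with the
 * destination size. This is the C idiom behind classic buffer overruns; with a
 * length byte above PAYLOAD_MAX it writes past the end of dst. Shown for
 * contrast only; the demo never calls it with such input. */
size_t parse_record_unchecked(const uint8_t *msg, uint8_t dst[PAYLOAD_MAX])
{
    size_t n = msg[0];
    memcpy(dst, msg + 1, n);      /* no bound on n */
    return n;
}

/* Checked parser: the bound a type-safe language attaches to the array type is
 * made explicit (dst_cap) and tested before any byte is written. Returns 0 on
 * success, -1 if the record is malformed or would not fit. Oversized input is
 * rejected outright rather than silently truncated. */
int parse_record_checked(const uint8_t *msg, size_t msg_len,
                         uint8_t *dst, size_t dst_cap, size_t *out_len)
{
    if (msg == NULL || dst == NULL || out_len == NULL || msg_len < 1)
        return -1;
    size_t n = msg[0];
    if (n > msg_len - 1)          /* claims more payload than the message carries */
        return -1;
    if (n > dst_cap)              /* would overrun dst */
        return -1;
    memcpy(dst, msg + 1, n);
    *out_len = n;
    return 0;
}

/* Constructed sample messages (not captured traffic). */
const uint8_t VALID_MSG[]     = { 5, 'h', 'e', 'l', 'l', 'o' };
const uint8_t TRUNCATED_MSG[] = { 200, 'A', 'A', 'A' };   /* length byte lies about the message */
uint8_t OVERSIZED_MSG[1 + 20];                            /* 20 payload bytes > PAYLOAD_MAX */

void build_oversized(void)
{
    OVERSIZED_MSG[0] = 20;
    memset(OVERSIZED_MSG + 1, 'B', 20);
}

/* Result helpers so each outcome is available as a return value. */
int checked_accepts_valid(void)
{
    uint8_t dst[PAYLOAD_MAX];
    size_t n = 0;
    int rc = parse_record_checked(VALID_MSG, sizeof VALID_MSG, dst, PAYLOAD_MAX, &n);
    return rc == 0 && n == 5 && memcmp(dst, "hello", 5) == 0;
}

int checked_rejects_truncated(void)
{
    uint8_t dst[PAYLOAD_MAX];
    size_t n = 0;
    return parse_record_checked(TRUNCATED_MSG, sizeof TRUNCATED_MSG, dst, PAYLOAD_MAX, &n) == -1;
}

int checked_rejects_oversized(void)
{
    uint8_t dst[PAYLOAD_MAX];
    size_t n = 0;
    build_oversized();
    return parse_record_checked(OVERSIZED_MSG, sizeof OVERSIZED_MSG, dst, PAYLOAD_MAX, &n) == -1;
}

int main(void)
{
    uint8_t dst[PAYLOAD_MAX];
    /* The unchecked parser behaves on well-formed input ... */
    size_t n = parse_record_unchecked(VALID_MSG, dst);
    printf("unchecked parser copied %zu bytes: %.*s\n", n, (int)n, dst);
    /* ... and the checked one refuses anything it cannot hold. */
    printf("valid accepted: %d, truncated rejected: %d, oversized rejected: %d\n",
           checked_accepts_valid(), checked_rejects_truncated(), checked_rejects_oversized());
    return 0;
}
```

The checked parser fails closed rather than truncating: a version that copied the first 16 bytes and returned success would be memory-safe, which is all a bounds check buys, but it would still be the kind of "improperly implemented algorithm" the post says bounds enforcement does not rule out (a silently shortened path or name can still be a security flaw).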
