Re: [Lit.] Buffer overruns

From: Xcott Craver (
Date: 12/08/04

Date: Wed, 08 Dec 2004 01:36:17 GMT

Douglas A. Gwyn <> wrote:
>Mok-Kong Shen wrote:
>> 'safe' programming language, e.g. ADA (would JAVA be as good?), could
>> one really 'surely' exclude such (or somewhat varied) exploits? Thanks.
> Programmer oversights are possible in any PL. While bounds enforcement
> would prevent *some* attacks, it cannot stop them all.
     In a "type-safe" language like ML, a great many security
     vulnerabilities can not occur because they are type mismatches.
     Buffer overruns, for example, are type mismatches because the array
     size is part of its type. Code containing a buffer overrun issue
     simply cannot compile.

     This does not prevent all sorts of other vulnerabilities due to
     improperly implemented algorithms. But a huge number of exploited
     security flaws are mere typing errors, which wouldn't happen if you
     used a language that disallowed them.

     But I agree that "C is unsafe." Sure it's safer if you make sure to
     check everything, but the point is that people don't. Likewise
     you can secure a Windows box, but a lot of people don't. In the
     end what matters is the likelihood of widespread vulnerabilities
     in the real world, and the damage caused by them.
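The post contrasts languages that enforce bounds with C, where the check is left to the programmer. The following is an added illustration, not code from the thread or its posters: a C buffer that carries its own capacity so that every append is checked, placed beside the unchecked `strcat` idiom it replaces. The type name `bounded_buf`, the 16-byte size and the sample inputs are all constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_DATA 16   /* constructed small size so an overrun is easy to provoke */

/* A buffer that carries its capacity with it, so every write can be
   bounds-checked. In a bounds-enforcing language the length travels with
   the array automatically; in C we have to carry it by hand. */
typedef struct {
    size_t cap;            /* usable bytes, excluding the terminating NUL */
    size_t len;            /* bytes currently stored */
    char   data[BUF_DATA];
} bounded_buf;

void buf_init(bounded_buf *b) {
    b->cap = BUF_DATA - 1;
    b->len = 0;
    b->data[0] = '\0';
}

/* The unchecked idiom the thread warns about: strcat has no idea how much
   room is left in data[]. Shown for contrast only; it is never called with
   oversized input in this example. */
void unchecked_append(bounded_buf *b, const char *src) {
    strcat(b->data, src);
    b->len = strlen(b->data);
}

/* Checked append: rejects a write that would overrun and leaves the buffer
   untouched instead of silently truncating. Returns 0 on success, -1 when
   rejected. The comparison is written so it cannot itself overflow. */
int buf_append(bounded_buf *b, const char *src, size_t srclen) {
    if (srclen > b->cap - b->len)
        return -1;
    memcpy(b->data + b->len, src, srclen);
    b->len += srclen;
    b->data[b->len] = '\0';
    return 0;
}

/* Result of one checked append of `src` into a fresh buffer. */
int append_result(const char *src) {
    bounded_buf b;
    buf_init(&b);
    return buf_append(&b, src, strlen(src));
}

/* How many of up to `n` appends of `piece` the checked API accepts before
   it runs out of room. */
int accepted_appends(const char *piece, int n) {
    bounded_buf b;
    buf_init(&b);
    size_t plen = strlen(piece);
    int ok = 0;
    for (int i = 0; i < n; i++) {
        if (buf_append(&b, piece, plen) != 0)
            break;
        ok++;
    }
    return ok;
}

int main(void) {
    /* constructed input: 20 bytes is more than the 15 bytes of room */
    const char *oversized = "AAAAAAAAAAAAAAAAAAAA";
    printf("checked append of %zu bytes: rc=%d\n",
           strlen(oversized), append_result(oversized));
    printf("4-byte appends accepted before refusal: %d\n",
           accepted_appends("ABCD", 10));
    return 0;
}
```

Every write goes through `buf_append`, which returns an error rather than writing past `data[]`; the caller has to handle that return, which is exactly the discipline the post says people skip in practice.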