From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 107f24,582dff0b3f065a52
X-Google-Attributes: gid107f24,public
X-Google-Thread: 103376,bc1361a952ec75ca
X-Google-Attributes: gid103376,public
X-Google-Thread: 1014db,582dff0b3f065a52
X-Google-Attributes: gid1014db,public
X-Google-Thread: 109fba,582dff0b3f065a52
X-Google-Attributes: gid109fba,public
X-Google-ArrivalTime: 2001-08-01 10:40:16 PST
Path: 
 archiver1.google.com!newsfeed.google.com!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!jfk3-feed1.news.digex.net!dca6-feed2.news.digex.net!intermedia!netnews.jhuapl.edu!not-for-mail
From: Scott Ingram <scott@silver.jhuapl.edu>
Newsgroups: comp.lang.ada,comp.lang.c,comp.lang.c++,comp.lang.functional
Subject: Re: How Ada could have prevented the Red Code distributed denial of
 service attack.
Date: Wed, 01 Aug 2001 13:32:44 -0400
Organization: Johns Hopkins University Applied Physics Lab, Laurel, MD, USA
Message-ID: <3B683D3C.860BAE0A@silver.jhuapl.edu>
References: <bebbba07.0107292308.d1192fc@posting.google.com>
  <slrn9ma7qp.nac.randhol@kiuk0156.chembio.ntnu.no>
  <3B6555ED.9B0B0420@sneakemail.com> <87n15lxzzv.fsf@deneb.enyo.de>
 <yecofq03kih.fsf@king.cts.com> <3B672322.B5EA1B66@home.com>
 <ppsemtojqkqsqpfvj1th3mae8b4vu1tg89@4ax.com>
 <tmfvrpmb575l80@corp.supernews.com>
NNTP-Posting-Host: silver.jhuapl.edu
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Transfer-Encoding: 7bit
X-Trace: houston.jhuapl.edu 996687164 28195 128.244.80.107 (1 Aug 2001
 17:32:44 GMT)
X-Complaints-To: usenet@houston.jhuapl.edu
NNTP-Posting-Date: 1 Aug 2001 17:32:44 GMT
X-Mailer: Mozilla 4.77 [en] (X11; U; Linux 2.2.2 i686)
X-Accept-Language: en
Xref: archiver1.google.com comp.lang.ada:10965 comp.lang.c:71319
 comp.lang.c++:79109 comp.lang.functional:7088
Date: 2001-08-01T17:32:44+00:00
List-Id: <comp.lang.ada>

Mike Smith wrote:
> 
> "raj" <israelrt@optushome.com.au> wrote in message
> news:ppsemtojqkqsqpfvj1th3mae8b4vu1tg89@4ax.com...
> >
> > The buffer overflow occurs because of an old and well known bug in the
> > C libraries.
> 
> The buffer overflow occurs because of a bug in the *Microsoft* C library.
> This is not endemic to C or C++ in general.  And, what, no one has ever
> found a bug in Ada?
> 
> --
> Mike Smith

I am not exactly sure what the point of "raj"'s post was,
but David Wheeler's "Secure Programming for Linux and Unix
HOWTO" (part of the Linux Documentation Project and also
available at http://www.dwheeler.com) covers this topic in
detail, as well as strategies for coping with it.  And of
course you can write buggy code in Ada--what's the point
of such a powerful language if you can't make it do what you
want?  Its just that you really have to want a buffer overflow
to make it happen :)
-- 
Scott Ingram
Vice-Chair, Baltimore SIGAda
System Development and Operational Support Group
Johns Hopkins University Applied Physics Laboratory