From: hs@heaven.nirvananet (Hartmann Schaffer)
Subject: Re: How Ada could have prevented the Red Code distributed denial of service attack.
Newsgroups: comp.lang.ada
Date: 1 Aug 2001 18:42:23 -0400
Message-ID: <3b6885cf@news.sentex.net>
References: <3B6555ED.9B0B0420@sneakemail.com> <87n15lxzzv.fsf@deneb.enyo.de> <3B672322.B5EA1B66@home.com> <5ee5b646.0108010949.5abab7fe@posting.google.com>

In article <5ee5b646.0108010949.5abab7fe@posting.google.com>,
	dewar@gnat.com (Robert Dewar) writes:
> "Mike Smith" wrote in message news:...
>> "raj" wrote in message
>> news:ppsemtojqkqsqpfvj1th3mae8b4vu1tg89@4ax.com...
>> >
>> > The buffer overflow occurs because of an old and well known bug in the
>> > C libraries.
>>
>> The buffer overflow occurs because of a bug in the *Microsoft* C library.
>> This is not endemic to C or C++ in general. And, what, no one has ever
>> found a bug in Ada?
>
>
> Sounds like Mike is not familiar with Ada. Of course Ada does not
> guarantee freedom from bugs, but for many reasons it does tend to
> eliminate obvious goofs like buffer overruns, which are indeed
> "endemic" to C and C++ in that these languages do not provide any
> help for avoiding such bugs, and as we know these buffer overrun
> bugs have time and time again proved weak spots in code written
> in C/C++.

to be fair, afaik many implementations of the C library still contain
the old getline(?) macro which is unsafe. but the problem has been
recognized for over 20 years now, everybody is strongly advised to use
the (safe) fgetline, and afaik it is not in the standard any more. you
really can't blame the language for some idiot coders

hs
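
A bounded line read of the kind the thread is arguing about, as an added example that is not part of the original post. It uses the standard C `fgets`; the helper `read_line_bounded`, its result codes and the sample input are constructed for illustration.

```c
#include <limits.h>
#include <stdio.h>
#include <string.h>

/* Result codes for the hypothetical helper below (names are not from the post). */
enum { LINE_OK = 0, LINE_TRUNCATED = 1, LINE_EOF = -1, LINE_BADARG = -2 };

/*
 * Read one line from `in` into `buf`, which holds `cap` bytes including the NUL.
 * fgets() never stores more than cap-1 characters, so the write stays in bounds.
 * An overlong line is cut, its remainder is discarded up to the newline, and the
 * caller is told, so leftover bytes are not mistaken for the next line.
 */
int read_line_bounded(FILE *in, char *buf, size_t cap)
{
    if (in == NULL || buf == NULL || cap < 2 || cap > INT_MAX)
        return LINE_BADARG;
    if (fgets(buf, (int)cap, in) == NULL)
        return LINE_EOF;                 /* end of input or read error */

    size_t len = strlen(buf);
    if (len > 0 && buf[len - 1] == '\n') {
        buf[len - 1] = '\0';             /* whole line fitted */
        return LINE_OK;
    }
    int c = fgetc(in);                   /* no newline stored: look one byte ahead */
    if (c == EOF || c == '\n')
        return LINE_OK;                  /* final unterminated line, or exact fit */
    while ((c = fgetc(in)) != EOF && c != '\n')
        ;                                /* drain the rest of the overlong line */
    return LINE_TRUNCATED;
}

int main(void)
{
    /* Constructed sample input: a short line, then one far longer than the buffer. */
    FILE *in = tmpfile();
    if (in == NULL)
        return 1;
    fputs("GET /a\nAAAAAAAAAAAAAAAAAAAAAAAA\nend", in);
    rewind(in);

    char buf[8];
    int rc;
    while ((rc = read_line_bounded(in, buf, sizeof buf)) >= 0)
        printf("%-9s \"%s\"\n", rc == LINE_TRUNCATED ? "truncated" : "ok", buf);
    fclose(in);
    return 0;
}
```

The bound holds only because the caller passes the true buffer size; C does not check it, which is the gap the quoted reply contrasts with Ada.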