comp.lang.ada
From: Robert Dewar <robert_dewar@my-deja.com>
Subject: Re: FY Ammo: Study about Security Bugs
Date: 1999/11/26
Message-ID: <81m2r3$ba0$1@nnrp1.deja.com>
In-Reply-To: slrn83sifj.im.lutz@taranis.iks-jena.de

In article <slrn83sifj.im.lutz@taranis.iks-jena.de>,
  lutz@iks-jena.de (Lutz Donnerhacke) wrote:
> * Robert Dewar wrote:
> >1. If checks are on, out of range subscripts will be caught
> >by exceptions.
>
> And if they are not caught, ... we have a
> Buffer/Range-Overflow in Ada.


No, read my message more carefully. The buffer overflows in
C come from a certain style of low level programming that is
foreign to Ada, and in practice this kind of error is FAR less
likely to occur in Ada programs.

The style of free use of pointers, pointer arithmetic, and
obviously dangerous unchecked routines like memcpy leads to
a situation in C where the path of least resistance is to
write code susceptible to the kind of buffer overruns that
are discussed here. A typical Ada program will be programmed
at a different level where it is far less likely that the
programmer will make a similar mistake.
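
The checked-subscript behaviour discussed in this message, as an added example that is not part of the original post or thread: a constructed Ada program that attempts a 12-element copy into an 8-element array, once as an element loop and once as a slice assignment. The names (Checked_Copy_Demo, Copy_Elements, Copy_Slice) and the data are hypothetical, and the program assumes run-time checks have not been suppressed.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Checked_Copy_Demo is
   --  Constructed sample data: an 8-element destination, a 12-element source.
   subtype Byte is Natural range 0 .. 255;
   type Buffer is array (Positive range <>) of Byte;

   Dest   : Buffer (1 .. 8) := (others => 0);
   Source : constant Buffer (1 .. 12) := (others => 16#41#);

   --  Element-by-element copy, the shape of a hand-written C loop.
   --  Count comes from the caller and is not validated here.
   procedure Copy_Elements (Count : Natural) is
   begin
      for I in 1 .. Count loop
         Dest (I) := Source (I);   --  index check on every subscript
      end loop;
   end Copy_Elements;

   --  Whole-slice copy, the closest Ada counterpart of memcpy.
   procedure Copy_Slice (Count : Natural) is
   begin
      Dest (1 .. Count) := Source (1 .. Count);   --  slice bounds are checked
   end Copy_Slice;
begin
   Copy_Elements (8);
   Put_Line ("copy of 8: in range, no exception");

   begin
      Copy_Elements (12);   --  I = 9 is outside Dest'Range
      Put_Line ("not reached");
   exception
      when Constraint_Error =>
         Put_Line ("element copy of 12: Constraint_Error at Dest (9)");
   end;

   begin
      Copy_Slice (12);      --  Dest (1 .. 12) is outside Dest'Range
      Put_Line ("not reached");
   exception
      when Constraint_Error =>
         Put_Line ("slice copy of 12: Constraint_Error, nothing written");
   end;
end Checked_Copy_Demo;
```

With the checks suppressed (for example by pragma Suppress), neither handler is guaranteed to run and the out-of-range writes are erroneous, which is the case the quoted reply raises.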



Thread overview: 11+ messages
1999-11-25  0:00 FY Ammo: Study about Security Bugs Lutz Donnerhacke
1999-11-25  0:00 ` Preben Randhol
1999-11-25  0:00   ` Robert Dewar
1999-11-26  0:00     ` Preben Randhol
1999-11-26  0:00       ` Robert Dewar
1999-11-26  0:00         ` Keith Thompson
1999-11-26  0:00       ` Gisle Sælensminde
1999-11-26  0:00         ` Preben Randhol
1999-11-26  0:00         ` Robert Dewar
1999-11-26  0:00     ` Lutz Donnerhacke
1999-11-26  0:00       ` Robert Dewar [this message]