From: "Pascal J. Bourguignon"
Newsgroups: comp.lang.ada
Subject: Re: Heartbleed
Date: Fri, 11 Apr 2014 12:50:53 +0200
Organization: Informatimago
Message-ID: <87ob085ecy.fsf@kuiper.lan.informatimago.com>
References: <1ljwj8f.1wqbhvuabsdw1N%csampson@inetworld.net> <15982110-dc30-4949-9d70-f00acf71a832@googlegroups.com>

Maciej Sobczak writes:

> On Friday, 11 April 2014 04:39:18 UTC+2, Charles H. Sampson wrote:
>
>> According to Wikipedia, the Heartbleed bug in OpenSSL is caused by
>> two errors: Lack of bounds checking and failure to verify that the
>> heartbeat request was valid. Whom does one express one's indignation to?
>
> The following page answers your question:
>
> http://www.openssl.org/source/license.html
>
> The part written in CAPITAL LETTERS is specifically focused on this.
>
>> The insistence of many in our "profession" on using C and its descendants
>> is the reason I qualify the word "profession" when writing about
>> software developers.
>
> Every general statement has some exceptions. Even though *in general*
> you are right, in this particular case things work a bit
> differently. OpenSSL is intended as a common component that is used by
> everybody else. In order to achieve this you need to choose the
> technology that is a common denominator, both in terms of the ability
> to link with it and in terms of the availability of toolchains.
> Now, you might argue that it is possible to write the library in Ada
> in such a way that it can be reused from other languages, it is not
> easy to do so, especially if you take into account the
> (un)availability of language runtime. The biggest issue, however, is
> the availability of compilers.
>
> Saying that this stuff should have been written in Ada is pointless.

Yes, there's nothing magical in C, one can write libc in any language.

Furthermore, the C standards all define such constructs as illegal or
as errors, or leave their semantics undefined. Therefore the problem is
not with the language, but much more with the C programmers and C
compiler programmers, because it would be perfectly valid to have a
compiler that adds run-time bound checks (in addition to
compilation-time errors or warnings), with the associated ("undefined"
by the language, but defined by the specific C implementation/compiler)
exception processing.

(And given the memory caches and pipelined processor architectures we
have nowadays, it wouldn't even have any noticeable performance hit).

>> Acting on a message without validating it is
>> equally incomprehensible to me.
>
> That's right.
>
>> For the latter, someone needs a severe rebuke on his next
>> performance review, at the least.
>
> I am not aware of performance reviews for people who voluntarily
> contribute on their free time. Not sure if that was the case for this
> particular piece of code, but anyway, read the license again. The fact
> that somebody wrote a crappy piece of code is part of the whole problem
> - the other part is that we (yes, the whole world) choose to use
> it. Who is to blame?

Definitely.

That said, we get to see and know it's a piece of shit: we've got the
freedom to do so. With proprietary software, it's the same, only we
don't know it.

But when you want to write correct code, you explode the deadlines and
get fired long before you can complete it.

-- 
__Pascal Bourguignon__
http://www.informatimago.com/
"The mercury is rising? It's time to buy!"
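
Added example, not part of the original post and not OpenSSL's code: the two checks the thread refers to (validate the request, bound the copy) written out in C for a simplified heartbeat-style echo message. The message layout (1-byte type, 2-byte claimed payload length, payload, 16 bytes of padding), the zero-filled padding and all names (hb_reply, HB_*) are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_REQUEST  1u
#define HB_RESPONSE 2u
#define HB_HEADER   3u   /* 1 byte type + 2 bytes claimed payload length */
#define HB_PADDING  16u  /* trailing padding in this simplified layout */

/* Build the echo reply for one received record.
 * rec/rec_len: bytes actually received; out/out_cap: reply buffer.
 * Returns the reply length, or -1 if the request must be discarded. */
long hb_reply(const uint8_t *rec, size_t rec_len, uint8_t *out, size_t out_cap)
{
    if (rec_len < HB_HEADER + HB_PADDING)   /* too short to be well-formed */
        return -1;
    if (rec[0] != HB_REQUEST)               /* only requests are echoed */
        return -1;

    size_t claimed = ((size_t)rec[1] << 8) | rec[2];  /* sender-controlled */

    /* The bounds check the thread is about: the claimed length must fit
     * inside what was actually received. Without it, the memcpy below
     * reads past the record and returns adjacent memory to the sender. */
    if (claimed > rec_len - HB_HEADER - HB_PADDING)
        return -1;
    if (out_cap < HB_HEADER + claimed + HB_PADDING)   /* bound the write too */
        return -1;

    out[0] = HB_RESPONSE;
    out[1] = rec[1];
    out[2] = rec[2];
    memcpy(out + HB_HEADER, rec + HB_HEADER, claimed);
    memset(out + HB_HEADER + claimed, 0, HB_PADDING);
    return (long)(HB_HEADER + claimed + HB_PADDING);
}

int main(void)
{
    /* Constructed samples: an honest 4-byte payload, then one claiming 0x4000. */
    uint8_t ok[3 + 4 + 16]  = {HB_REQUEST, 0x00, 0x04, 'p', 'i', 'n', 'g'};
    uint8_t bad[3 + 4 + 16] = {HB_REQUEST, 0x40, 0x00, 'p', 'i', 'n', 'g'};
    uint8_t out[64];
    printf("honest: %ld\n", hb_reply(ok, sizeof ok, out, sizeof out));
    printf("lying:  %ld\n", hb_reply(bad, sizeof bad, out, sizeof out));
    return 0;
}
```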