From mboxrd@z Thu Jan 1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level:
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4
X-Google-Thread: 103376,5bc4be576204aa20
X-Google-Attributes: gid103376,public
X-Google-Language: ENGLISH,ASCII-7-bit
Path: g2news1.google.com!news3.google.com!newshub.sdsu.edu!elnk-nf2-pas!newsfeed.earthlink.net!stamper.news.pas.earthlink.net!newsread2.news.pas.earthlink.net.POSTED!a6202946!not-for-mail
From: "Jeffrey R. Carter"
Organization: jrcarter at acm dot org
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.12) Gecko/20050915
X-Accept-Language: en-us, en
MIME-Version: 1.0
Newsgroups: comp.lang.ada
Subject: Re: Buffer overflow Article - CACM
References:
In-Reply-To:
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Message-ID:
Date: Sun, 13 Nov 2005 23:57:28 GMT
NNTP-Posting-Host: 67.3.180.232
X-Complaints-To: abuse@earthlink.net
X-Trace: newsread2.news.pas.earthlink.net 1131926248 67.3.180.232 (Sun, 13 Nov 2005 15:57:28 PST)
NNTP-Posting-Date: Sun, 13 Nov 2005 15:57:28 PST
Xref: g2news1.google.com comp.lang.ada:6363
Date: 2005-11-13T23:57:28+00:00
List-Id:

adaworks@sbcglobal.net wrote:

> There is an interesting article in the current issue of the Communications
> of the ACM (Vol 48, No 11, page 50) about preventing stack
> buffer overflow attacks. The authors, Kuperman, Brodley, Ozdoganoglu,
> Vijaykumar, and Jalote, write as if they have never heard of Ada.

I found the article quite amusing.

> In one paragraph, they criticize C as being vulnerable to such attacks
> and then dismiss Pascal as being unable to address low-level issues.
> As I read their solution, it became clear that simply choosing Ada for
> their development language would solve the vast majority of their
> concerns.

This was also the ONLY paragraph that addressed language choice in the entire article. Considering that language choice is the cause of buffer overflow vulnerabilities, you'll understand why I found the article amusing.

1st, they say languages such as Java and Pascal may not be low level enough. That's certainly not true of Ada, nor of most versions of Modula-2 and Pascal. So this is simply hand waving to justify their decision to use a C derivative.

Then they say that bounds checking adds 100% overhead. This may be true of trying to patch C, but it's certainly not true of all the checks Ada does, which is much more than simply bounds checking. In practice I have never found a case in which leaving checks in was too slow, nor where turning them off saved more than 10%.

--
Jeff Carter
"C++ is like giving an AK-47 to a monk, shooting him
full of crack and letting him loose in a mall and
expecting him to balance your checking account
'when he has the time.'"
Drew Olbrich
52