From: Hyman Rosen
Newsgroups: comp.lang.ada
Subject: Re: Boeing and Dreamliner
Date: Tue, 24 Jun 2003 06:14:43 GMT

Mike Silva wrote:
> Good heavens, no, you're thinking of C! There was no buffer overflow,
> and there was no bug.

The people who coded the Ariane 4 SRI never described, in their program or in their documentation, the fact that if the Horizontal Bias became too large, their alignment code would blow up. The Ariane 5 people would have had no reason to believe that they were getting code that depended on a restricted trajectory to be valid. Why should they? The SRI didn't even do anything useful after takeoff.
It was a perfectly natural assumption that they were getting SRI software, not SRI-for-Ariane 4 software. Have a look at the report - .

Of course, these kinds of errors can happen in any language. And that's the point. When certain people start claiming that using C++ is an actionable offense, the Ariane 5 case shows that using Ada is no panacea.

And just to make the buffer overflow analogy again, since you don't seem to get it, what is a buffer overflow? It happens when a programmer makes an assumption about the size of the input he expects his program to receive, and circumstances cause that size to be exceeded, whereupon the program functions erroneously. Did that not happen in the Ariane 5 case? Is there a statute of limitations on buffer overflows, so that if it takes a long time for them to show up, the original programmer is not to blame? If the programmer insists that the unchecked size limits are needed, for efficiency, say, shouldn't the limits be documented?