From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII
X-Google-Thread: 107f24,582dff0b3f065a52
X-Google-Attributes: gid107f24,public
X-Google-Thread: 109fba,582dff0b3f065a52
X-Google-Attributes: gid109fba,public
X-Google-Thread: 1014db,582dff0b3f065a52
X-Google-Attributes: gid1014db,public
X-Google-Thread: 103376,bc1361a952ec75ca
X-Google-Attributes: gid103376,public
X-Google-ArrivalTime: 2001-08-05 01:29:49 PST
Path: 
 archiver1.google.com!newsfeed.google.com!newsfeed.stanford.edu!news.tele.dk!193.174.75.178!news-fra1.dfn.de!news.man.poznan.pl!news.task.gda.pl!news.tpi.pl!mimuw.edu.pl!news.mimuw.edu.pl!not-for-mail
From: Marcin 'Qrczak' Kowalczyk <qrczak@knm.org.pl>
Newsgroups: comp.lang.ada,comp.lang.c,comp.lang.c++,comp.lang.functional
Subject: Re: How Ada could have prevented the Red Code distributed denial of
 service attack.
Date: 5 Aug 2001 08:15:41 GMT
Organization: Klub Nieszkodliwych =?iso-8859-2?Q?Manjak=F3w?=
Message-ID: <slrn.pl.9mq05d.6rq.qrczak@qrnik.zagroda>
References: <bebbba07.0107292308.d1192fc@posting.google.com>
  <slrn9ma7qp.nac.randhol@kiuk0156.chembio.ntnu.no>
  <3B6555ED.9B0B0420@sneakemail.com> <87n15lxzzv.fsf@deneb.enyo.de>
 <yecofq03kih.fsf@king.cts.com> <3B672322.B5EA1B66@home.com>
 <ppsemtojqkqsqpfvj1th3mae8b4vu1tg89@4ax.com>
 <tmfvrpmb575l80@corp.supernews.com>
 <5ee5b646.0108010949.5abab7fe@posting.google.com>
 <Pine.GSO.4.30.0108041349530.125-100000@scully>
NNTP-Posting-Host: zodiac.mimuw.edu.pl
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-2
Content-Transfer-Encoding: 8bit
X-Trace: kenny.mimuw.edu.pl 997000066 25757 10.1.1.1 (5 Aug 2001 08:27:46 GMT)
X-Complaints-To: abuse@news.mimuw.edu.pl
NNTP-Posting-Date: Sun, 5 Aug 2001 08:27:46 +0000 (UTC)
X-Original-Path: localhost!qrczak
X-Licznik: 24263
X-Path-Notice: Path line has been filtered
User-Agent: slrn/0.9.7.0 (pl-1.1.0) (Linux/2.2.17 (i686))
Xref: archiver1.google.com comp.lang.ada:11308 comp.lang.c:72266
 comp.lang.c++:80051 comp.lang.functional:7312
Date: 2001-08-05T08:15:41+00:00
List-Id: <comp.lang.ada>

Sat, 4 Aug 2001 14:36:10 -0400, David Lee Lambert <lamber45@egr.msu.edu> pisze:

> C++ makes it very easy to avoid buffer-overflow bugs:  just use the STL
> types 'string' (for strings) and 'vector<T>' (for arbitrary objects).

They don't prevent buffer overflows. Their operator[] doesn't check the
index range (I know that there is also at() method) and stepping their
iterators past the end is undefined behavior, not a detected error.

-- 
 __("<  Marcin Kowalczyk * qrczak@knm.org.pl http://qrczak.ids.net.pl/
 \__/
  ^^                      SYGNATURA ZAST�PCZA
QRCZAK