Re: FY Ammo: Study about Security Bugs

[gisle@kondor.ii.uib.no (Gisle S�lensminde)]

In article <m3yabltvy5.fsf@kiuk0156.chembio.ntnu.no>, Preben Randhol wrote:
>Robert Dewar <robert_dewar@my-deja.com> writes:
>
>[...]
>| There are two reasons for this
>| 
>| 1. If checks are on, out of range subscripts will be caught
>| by exceptions.
>
>Which pragmas do one have to set to turn the checks on (if not by
>default). Looked at the Annex L in RM, but it didn't make it clearer.

They are on by default, and pragma supress is only supposed to 
be used in special cases. If I got it right, compiler swiches to
turn off checks is pedanticly speaking to omit some parts of 
the standard (the checks), AFAIK. A "pragma unsupress" would be 
like  saying 'I know you not follows the rules, but can you just
turn them on in this area at least'.


>| 2. Even if checks are off, the kind of low level programming
>| approaches used in C (memcpy for example) are typically not used
>| in Ada, so it is far less likely that Ada code would be
>| susceptible to such attacks.

Hopefully programmers of programs expected to be secure, don't
turns the checks off before shipping the software. 

--
Gisle S�lensminde ( gisle@ii.uib.no )