From: gisle@kondor.ii.uib.no (Gisle S�lensminde)
Subject: Re: FY Ammo: Study about Security Bugs
Date: 1999/11/26
Date: 1999-11-26T00:00:00+00:00 [thread overview]
Message-ID: <slrn83ss7u.rae.gisle@kondor.ii.uib.no> (raw)
In-Reply-To: m3yabltvy5.fsf@kiuk0156.chembio.ntnu.no
In article <m3yabltvy5.fsf@kiuk0156.chembio.ntnu.no>, Preben Randhol wrote:
>Robert Dewar <robert_dewar@my-deja.com> writes:
>
>[...]
>| There are two reasons for this
>|
>| 1. If checks are on, out of range subscripts will be caught
>| by exceptions.
>
>Which pragmas do one have to set to turn the checks on (if not by
>default). Looked at the Annex L in RM, but it didn't make it clearer.
They are on by default, and pragma supress is only supposed to
be used in special cases. If I got it right, compiler swiches to
turn off checks is pedanticly speaking to omit some parts of
the standard (the checks), AFAIK. A "pragma unsupress" would be
like saying 'I know you not follows the rules, but can you just
turn them on in this area at least'.
>| 2. Even if checks are off, the kind of low level programming
>| approaches used in C (memcpy for example) are typically not used
>| in Ada, so it is far less likely that Ada code would be
>| susceptible to such attacks.
Hopefully programmers of programs expected to be secure, don't
turns the checks off before shipping the software.
--
Gisle S�lensminde ( gisle@ii.uib.no )
next prev parent reply other threads:[~1999-11-26 0:00 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
1999-11-25 0:00 FY Ammo: Study about Security Bugs Lutz Donnerhacke
1999-11-25 0:00 ` Preben Randhol
1999-11-25 0:00 ` Robert Dewar
1999-11-26 0:00 ` Preben Randhol
1999-11-26 0:00 ` Robert Dewar
1999-11-26 0:00 ` Keith Thompson
1999-11-26 0:00 ` Gisle S�lensminde [this message]
1999-11-26 0:00 ` Robert Dewar
1999-11-26 0:00 ` Preben Randhol
1999-11-26 0:00 ` Lutz Donnerhacke
1999-11-26 0:00 ` Robert Dewar
replies disabled
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox