From: gisle@kondor.ii.uib.no (Gisle Sælensminde)
Subject: Re: FY Ammo: Study about Security Bugs
Date: 1999/11/26
Message-ID: #1/1
References: <81k5oi$44k$1@nnrp1.deja.com>
Organization: University of Bergen, Norway
Newsgroups: comp.lang.ada

In article , Preben Randhol wrote:
>Robert Dewar writes:
>
>[...]
>| There are two reasons for this
>|
>| 1. If checks are on, out of range subscripts will be caught
>|    by exceptions.
>
>Which pragmas does one have to set to turn the checks on (if not by
>default). Looked at the Annex L in RM, but it didn't make it clearer.

They are on by default, and pragma suppress is only supposed to be used
in special cases. If I got it right, using compiler switches to turn off
checks is, pedantically speaking, to omit some parts of the standard
(the checks), AFAIK. A "pragma unsuppress" would be like saying 'I know
you don't follow the rules, but can you just turn them on in this area
at least'.

>| 2. Even if checks are off, the kind of low level programming
>|    approaches used in C (memcpy for example) are typically not used
>|    in Ada, so it is far less likely that Ada code would be
>|    susceptible to such attacks.

Hopefully programmers of programs expected to be secure don't turn the
checks off before shipping the software.

-- 
Gisle Sælensminde ( gisle@ii.uib.no )
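
An added example, not part of the original post: a constructed Ada program in which the default index check stops a copy into a fixed-size buffer, with the `pragma Suppress` that would remove the check shown commented out. The names `Checks_Demo`, `Buffer` and `Copy` are hypothetical.

```ada
with Ada.Text_IO; use Ada.Text_IO;

procedure Checks_Demo is
   --  Constructed example: a fixed-size buffer filled from a longer input,
   --  the situation that becomes a buffer overflow with C's memcpy.
   subtype Buffer_Index is Positive range 1 .. 8;
   type Buffer is array (Buffer_Index) of Character;

   --  Hypothetical helper: copies Source into Target one element at a time.
   --  No explicit length test is written; the language-defined index check
   --  on Target (I) is what stops the write past the end of the buffer.
   procedure Copy (Source : String; Target : out Buffer) is
      --  pragma Suppress (Index_Check);
      --  Uncommenting the line above gives the compiler permission to omit
      --  the check in this scope; an out-of-range write is then erroneous
      --  execution instead of an exception.
   begin
      Target := (others => ' ');
      for I in Source'Range loop
         Target (I) := Source (I);
      end loop;
   end Copy;

   B : Buffer;
begin
   Copy ("short", B);
   Put_Line ("copied 5 characters without error");

   begin
      Copy ("longer than eight", B);
      Put_Line ("not reached when checks are enabled");
   exception
      when Constraint_Error =>
         Put_Line ("Constraint_Error: write past Buffer'Last was rejected");
   end;
end Checks_Demo;
```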