spf-discuss

RE: SPF competitor: DVP

2004-05-10 13:51:21
On Mon, 10 May 2004, James Couzens wrote:

On Mon, 2004-05-10 at 12:11, Stuart D. Gathman wrote:
Buffer overflows are a result of incompetent programming and not macro
expansion so the DVP people are wrong on this point.

It's the result of incompetent programming with a dangerous language
such as C.  While there are other things to screw up with bounds
checking languages (like Python or the Perl reference implementation),
buffer overflows at least are eliminated.  

Buffer overflows can be easily avoided in C.  Interpretive languages are
the devil!  I'll tell you why.  They make for LAZY programmers who grow
overly comfortable with having everything done for them.  IMO it's a

Bounds checking != interpreted

So redo your rant with Modula3, compiled LISP, compiled Java, Pascal
with bounds checking enabled (and bounds checked pointers to heap 
implemented), Pike, and whatever else I left out as examples of
compiled bounds checking languages.

Something like Valgrind goes a long way at removing BOF's.

Yes, that's one way to tack bounds checking onto C.

realize that is is somewhat of an idealistic viewpoint, we are where we
are today (the sheer volume of exploits and exploitable pieces of
software) because of poor decision making and lazy "scripters".

Perhaps we could reduce exploits by requiring that security sensitive
code be written in machine language?  *That* would eliminate those
lazy coders.  It would also eliminate the threat of a tainted compiler.
(E.g. Dennis Ritchie's C compiler would compile in a backdoor for Dennis
to password checking programs.)

-- 
              Stuart D. Gathman <stuart(_at_)bmsi(_dot_)com>
    Business Management Systems Inc.  Phone: 703 591-0911 Fax: 703 591-6154
"Confutatis maledictis, flamis acribus addictis" - background song for
a Microsoft sponsored "Where do you want to go from here?" commercial.

