Secure Coding mailing list archives
BSIMM: Confessions of a Software SecurityAlchemist(informIT)
From: ljknews at mac.com (ljknews)
Date: Sat, 21 Mar 2009 09:11:05 -0400
At 11:41 PM -0400 3/20/09, Gary McGraw wrote:
once long ago I spilt a bottle of wine with dan geer
we argued for hours about whether a buffer overflow was a bug or a flaw. if you find one in a code pile (say, caused by a local variable on the stack and a gets call) , it is a bug. Or is it a flaw that the C stack grows in an incredibly stupid way?
That reasoning has a bit of not being able to see the forest for the trees. The root problem (and I do not care about the terminology) is that the C programming language promotes the use of uncounted strings. -- Larry Kilgallen
Current thread:
- Supply Chain Resiliency Project Assistance, (continued)
- Supply Chain Resiliency Project Assistance Mason Brown (Mar 22)
- Supply Chain Resiliency Project Assistance Gary McGraw (Mar 22)
- Supply Chain Resiliency Project Assistance Gadi Evron (Mar 22)
- Supply Chain Resiliency Project Assistance Wisseman, Stan [USA] (Mar 22)
- Supply Chain Resiliency Project Assistance Sammy Migues (Mar 22)
- Supply Chain Resiliency Project Assistance Dave Wichers (Mar 23)
- Supply Chain Resiliency Project Assistance Mason Brown (Mar 23)
- Supply Chain Resiliency Project Assistance Rohit Lists (Mar 23)
- BSIMM: Confessions of a Software SecurityAlchemist(informIT) Florian Weimer (Mar 21)
- BSIMM: Confessions of a Software SecurityAlchemist(informIT) Gary McGraw (Mar 20)
- BSIMM: Confessions of a Software SecurityAlchemist(informIT) ljknews (Mar 21)
- BSIMM: Confessions of a Software SecurityAlchemist(informIT) Steven M. Christey (Mar 22)
- BSIMM: Confessions of a Software SecurityAlchemist(informIT) Gary McGraw (Mar 23)
- The Importance of Type Safety Brad Andrews (Mar 23)
- The Importance of Type Safety Carl Alphonce (Mar 23)
- The Importance of Type Safety AF (Mar 23)
- The Importance of Type Safety Brad Andrews (Mar 23)
- The Importance of Type Safety Jeremy Epstein (Mar 23)
- The Importance of Type Safety AF (Mar 26)
- BSIMM: Confessions of a Software SecurityAlchemist(informIT) Andy Steingruebl (Mar 24)
- BSIMM: Confessions of a Software SecurityAlchemist(informIT) Gary McGraw (Mar 25)