Secure Coding mailing list archives
RE: opinion, ACM Queue: Buffer Overrun Madness
From: "Peter Amey" <peter.amey () praxis-cs co uk>
Date: Wed, 09 Jun 2004 15:33:43 +0100
der Mouse (Maus surely?) wrote [snip]
> Well, actually, but for the world's addiction to sloppy coding. It's entirely possible to avoid buffer overflows in C; it just requires a little care in coding. C's major failing in this regard - and I don't actually consider it all that major - is that it doesn't provide any tools to help. It assumes that you the programmer know what you're doing, and the mismatch between that and the common reality is where the problem actually comes from.
I dislike this commonly-used argument that essentially says "you should only employ above average people who don't make mistakes". It is flawed on lots of levels.

1. On average, ability over our industry is average!
2. Even brilliant, infallible programmers like me make mishtukes shummtimes.
3. Even if above average, non-sloppy programmers can avoid mistakes, the effort they spend doing so is a distraction from their real job of solving the problem the program is intended for.
4. The levels of mental abstraction needed to solve an application domain problem and to worry about operator precedence and buffer overflow are completely different; there is good evidence that humans don't work well at more than one abstraction level at a time.
> All that a "better" language will bring you in this regard is that it will (a) push the sloppiness into places the compiler can't check and (b) change the ways things break when confronted with input beyond the design underlying their code.
This sounds like the Sirius Cybernetics defence (from the Hitch Hiker's Guide to the Galaxy); essentially you seem to be saying it is OK if all the deep and complex flaws in a product are completely obscured by all the shallow and obvious ones. You can't assume that the sloppy programmer in C /only/ introduces shallow errors. In practice, well designed languages can do much more than you claim. They can completely eliminate whole classes of error that currently exercise our attention, make sloppiness very hard to conceal and make it much easier to find any subtle errors that remain.

Peter
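As an added illustration of the "little care in coding" under debate (example code written for this archive page, not from either correspondent): a hypothetical `key=value` record parser with fixed-size fields that rejects, rather than silently truncates or overruns on, input beyond what the fields were designed to hold. The struct, field sizes and sample lines are constructed for the example.

```c
#include <stdio.h>
#include <string.h>

/* Constructed record with fixed-size fields: the classic place where an
   unchecked strcpy() overruns. */
struct kv {
    char key[16];
    char value[32];
};

/* Copy src into dst (capacity dst_size bytes, including the NUL).
   Returns 0 on success, -1 if src does not fit. On failure dst is set to ""
   so a caller can never mistake a truncated field for a complete one.
   Reads at most dst_size bytes of src, so an unterminated src is not
   over-read either. */
int copy_field(char *dst, size_t dst_size, const char *src)
{
    size_t n = 0;
    if (dst == NULL || dst_size == 0) return -1;
    dst[0] = '\0';
    if (src == NULL) return -1;
    while (n < dst_size && src[n] != '\0') n++;
    if (n == dst_size) return -1;   /* no room left for the terminator */
    memcpy(dst, src, n + 1);
    return 0;
}

/* Parse "key=value" into rec. Returns 0, or -1 on malformed or oversized
   input; rec is zeroed first so it is well-formed either way. */
int parse_kv(const char *line, struct kv *rec)
{
    const char *eq;
    size_t klen;
    memset(rec, 0, sizeof *rec);
    if (line == NULL || (eq = strchr(line, '=')) == NULL) return -1;
    klen = (size_t)(eq - line);
    if (klen == 0 || klen >= sizeof rec->key) return -1;  /* oversized key */
    memcpy(rec->key, line, klen);
    rec->key[klen] = '\0';
    return copy_field(rec->value, sizeof rec->value, eq + 1);
}

int main(void)
{
    struct kv rec;
    const char *lines[] = { "user=alice",
                            "path=/this/value/is/far/too/long/for/the/field" };
    for (size_t i = 0; i < 2; i++)
        printf("%-48s -> %s\n", lines[i],
               parse_kv(lines[i], &rec) == 0 ? "ok" : "rejected");
    return 0;
}
```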