Re: A way to prevent buffer overflow exploits?

eodell@pobox.com (Eric O'Dell)
19 Aug 1998 16:17:27 -0400

          From comp.compilers

Related articles
[9 earlier articles]
Re: A way to prevent buffer overflow exploits? khays@sequent.com (1998-08-16)
Re: A way to prevent buffer overflow exploits? shriram@cs.rice.edu (Shriram Krishnamurthi) (1998-08-16)
Re: A way to prevent buffer overflow exploits? conway@cs.mu.OZ.AU (1998-08-16)
Re: A way to prevent buffer overflow exploits? genew@vip.net (1998-08-17)
Re: A way to prevent buffer overflow exploits? conway@cs.mu.OZ.AU (1998-08-17)
Re: A way to prevent buffer overflow exploits? chase@world.std.com (David Chase) (1998-08-19)
Re: A way to prevent buffer overflow exploits? eodell@pobox.com (1998-08-19)
Re: A way to prevent buffer overflow exploits? richard@exaflop.org (Richard Matthias) (1998-08-19)
Re: A way to prevent buffer overflow exploits? joachim.durchholz@munich.netsurf.de (Joachim Durchholz) (1998-08-22)
| List of all articles for this month |

From: eodell@pobox.com (Eric O'Dell)
Newsgroups: comp.compilers
Date: 19 Aug 1998 16:17:27 -0400
Organization: http://extra.newsguy.com
References: 98-07-242 98-08-014 98-08-029 98-08-081 98-08-106
Keywords: practice

On 16 Aug 1998 22:42:57 -0400, khays@sequent.com (Kirk Hays) wrote:


>>IMHO, if this is a problem for your organization, it's a sign that
>>your hiring practices, and not your programming tools, are at fault.
>
>Oh, my.
>
>So the programmers you hire never have a bad day, an "off by one"
>error, program on a Friday afternoon, fight with their spouses, lack
>experience, misuse a macro, get bit by a bug in a compiler, or have to
>maintain someone else's crufty old code?


I didn't mean that to sound as asinine as it obviously did. I juggle
chainsaws for a living and routinely cut my own arms off, too.


What I really meant was that it often seems that more bad software
engineering results from reasoning along the lines of "I don't need
to check for [condition] because [condition] will never occur" than
from innocent programmer error, and that past a certain point,
built-in language safeguards tend to encourage that sort of reasoning.
That's all.


--Eric
--


Post a followup to this message

Return to the comp.compilers page.
Search the comp.compilers archives again.