• Open Menu Close Menu
  • Apple
  • Shopping Bag
  • Apple
  • Mac
  • iPad
  • iPhone
  • Watch
  • TV
  • Music
  • Support
  • Search apple.com
  • Shopping Bag

Lists

Open Menu Close Menu
  • Terms and Conditions
  • Lists hosted on this site
  • Email the Postmaster
  • Tips for posting to public mailing lists
Re: WTF? How can this work?
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WTF? How can this work?

  • Subject: Re: WTF? How can this work?
  • From: "John C. Randolph" <email@hidden>
  • Date: Mon, 20 Aug 2001 21:19:43 -0700
On Monday, August 20, 2001, at 07:36 PM, Brian Hill wrote:

On Monday, August 20, 2001, at 08:21 PM, John C. Randolph wrote:

Perhaps, but the fact is that a vast number of security problems in todays computers are due to the fact that C doesn't do bounds-checking of arrays or strings.

I'd phrase that more properly as most internet security problems are due to the fact that Microsoft doesn't do bounds checking of arrays or strings...

It's not just Microsoft. All of the classic stack-smashing attacks against fingerd, sendmail, the BSD TCP stack, etc. have had the same root cause.

-jcr

References: 
 >Re: WTF? How can this work? (From: Brian Hill <email@hidden>)

  • Prev by Date: Re: Bug in NSString stringWithFormat (or sprintf)?
  • Next by Date: Re: Bug in NSString stringWithFormat (or sprintf)?
  • Previous by thread: Re: WTF? How can this work?
  • Next by thread: Re: WTF? How can this work?
  • Index(es):
    • Date
    • Thread