Hi
On Thu, Apr 10, 2014 at 3:19 AM, Ian Malone wrote:
.
This bug was pretty bad, but the kind of mistakes that lead to
overflows and over-reads tend to be from not keeping track of the data
properly and will cause other problems anyway, memory protection
doesn't help with those.
In a managed language, it isn't typically possible to read past the end of an array without it resulting in obvious errors. So while it isn't a silver bullet, it could have helped significantly here to notice the problem and correct the relevant related code. Unfortunately C continues to dominate as a popular systems programming language and these types of errors remain a frequent problem largely because language level support for higher level abstractions remain extremely weak. The fact that a major piece of extremely security critical code received almost no support from commercial vendors for a detailed audit for security flaws also remains a problem.
Rahul
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
