Previous mail
Next mail
Unformatted/full headers
Overview 10 days
Subject
Date
Thread
Author
From: Mirsad Todorovac
Subject: Buffer Overrun Prevention in GPC
Date: 26 Jan 2006, 09:22:03
Hi, all!
I have recently studied several forms of viruses and security holes in
software. Many if not 90% of recent exploits depend on holes introduced
through buffer overruns, such as this C example:
printbuffer() {
char buffer[100];
gets (buffer); /* oops!*/
fp = fopen("LPT1:", "w");
fputs (buffer, fp);
}
Is Pascal and namely GNU Pascal safer re: buffer overruns?
How much does runtime range checking help and to what extent can we depend
on it?
Is it acceptable to write setuid root programs in GPC and what are the
cautions?
Thanks for answers.
Mirsad
"Tvrdim da bi se napetost izmedju znanosti i vjere trebala rijesiti
njihovom sintezom, a ne odbacivanjem ili podvojenoscu."
Pierre Teilhard de Chardin (1881-1955)
Previous mail
Next mail
Unformatted/full headers
Overview 10 days
Subject
Date
Thread
Author
Note: This page contains information that does not originate from the owner of this web site, but from the authors of the mails archived. The owner of this web site is not responsible for the content of such information. Any use of that infomation requires the consent of the respective author.
Where WWW addresses (URLs) in the mails archived are marked as hyperlinks, this is only for the comfort of the reader. The content of the web pages linked to like this does not necessarily reflect the opinion of the owner of this web site or of the authors of the mails archived. The owner of this web site is not responsible for the content of such web pages. Those pages are explicitly not to be considered as part of the content of this page, but merely as references.
This page was created by Crystal 0.999 (Linux 2.4.27/i686).