Message-ID: <3F9C95C1.5030907@hutley.net>
From: brett at hutley.net (Brett Hutley)
Subject: Coding securely, was Linux (in)security
Chris Eagle wrote:
>>-----Original Message-----
>>From: full-disclosure-admin@...ts.netsys.com
>>[mailto:full-disclosure-admin@...ts.netsys.com]On Behalf Of Paul Schmehl
>>...
>>
>>But it shouldn't be the job of the writer of a subroutine to verify the
>>inputs. The writer of a subroutine defines what the appropriate inputs to
>>that routine are, and it's up to the *user* of that subroutine to use it
>>properly. The entire concept behind OOP is that you cannot know what's in
>>the "black box" you're using. That makes it incumbent on you as the *user*
>>of a subroutine to use the correct inputs and to *verify* those inputs when
>>necessary.
>>
>
>
> That is the most backward thing I have ever heard. So you are saying all I
> need to do as a programmer is tell you not to pass a negative number/null
> pointer/un-initialized value... to my function and I am off the hook. All I
> can say is that I am glad utdallas doesn't have you teaching programming.
> The fact that you are unaware what lies inside the black box in no way
> relieves the responsibility of the designer of the black box to make sure
> that it behaves predictably under all input cases.
So you're saying I don't need to worry if a file pointer is NULL before
passing it through to fprintf()? So I don't need to worry if an argument
to strcpy() is NULL? Or are you trying to say that the standard library
is badly written?
--
Brett Hutley [MAppFin,CISSP,SANS GCIH]
mailto:brett@...ley.net
http://hutley.net/brett
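
The two positions argued in this thread, side by side, as an added C example that is not part of the original message: `checked_copy` validates its arguments inside the callee, while `caller_checked_copy` keeps the `strcpy()` contract and checks at the call site. Both function names and the status codes are hypothetical.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical status codes for this example. */
enum copy_status { COPY_OK = 0, COPY_NULL_ARG = -1, COPY_NO_SPACE = -2 };

/*
 * Callee-validates style: the routine is told how large dst is and
 * reports bad arguments through its return value instead of relying
 * on the caller to have checked them.
 */
enum copy_status checked_copy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL)
        return COPY_NULL_ARG;
    if (dst_size == 0)
        return COPY_NO_SPACE;

    size_t len = strlen(src);
    if (len >= dst_size) {
        dst[0] = '\0';          /* leave dst as a valid empty string */
        return COPY_NO_SPACE;
    }
    memcpy(dst, src, len + 1);  /* len + 1 copies the terminating NUL */
    return COPY_OK;
}

/*
 * Contract style: strcpy() requires two valid pointers and a large
 * enough destination; passing NULL is undefined behaviour. The caller
 * therefore performs every check before making the call.
 */
int caller_checked_copy(char *dst, size_t dst_size, const char *src)
{
    if (dst == NULL || src == NULL || strlen(src) >= dst_size)
        return -1;
    strcpy(dst, src);
    return 0;
}
```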