| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1119785326.1067206187@[192.168.2.119]> From: pauls at utdallas.edu (Paul Schmehl) Subject: Coding securely, was Linux (in)security --On Sunday, October 26, 2003 7:25 PM -0800 Chris Eagle <cseagle@...shift.com> wrote: > > That is the most backward thing I have ever heard. So you are saying all > I need to do as a programmer is tell you not to pass a negative > number/null pointer/un-initialized value... to my function and I am off > the hook. All I can say is that I am glad utdallas doesn't have you > teaching programming. The fact that you are unaware what lies inside the > black box in no way relieves the responsibility of the designer of the > black box to make sure that it behaves predictably under all input cases. > No, that is not what I'm saying. What I'm saying is that the programmer should not *expect* the subroutine to do his error checking for him. If *everyone* wrote code that way, including the writer of the subroutine, we wouldn't have the problems we have with buffer overflows. The problem we have now is everyone is expecting someone *else* to do the error checking, when in fact everyone should be expecting exactly the opposite. However, what you are expecting the writer of the subroutine to do is anticipate every possible input, and that may not be possible in all cases. Certainly the writer should do error checking, but that doesn't alleviate the *user* of the subroutine from doing their job. Paul Schmehl (pauls@...allas.edu) Adjunct Information Security Officer The University of Texas at Dallas AVIEN Founding Member http://www.utdallas.edu
Powered by blists - more mailing lists