Coding Practice [was Re: Serious OpenSSL vulnerability]

Ian Malone ibmalone at gmail.com
Thu Apr 10 07:19:15 UTC 2014


On 9 April 2014 18:05, Liam Proven <lproven at gmail.com> wrote:
> On 9 April 2014 17:19, Tim <ignored_mailbox at yahoo.com.au> wrote:
>> Only the other day I was thinking similarly:  That almost every exploit
>> that I read about, over the last umpteen years, was a buffer overflow;
>> and why is it so?  Are programmers such morons that they accept all data
>> without care, rather than only accept what you actually expect?
>
>
> No. It's because the entire world of modern computing is built on C, a
> programming language that is a sort of portable assembly-language but
> with pointer arithmetic, a language so brain-dead that it lets you
> assign element 31 in an array of 30 elements, or write to the 42nd
> character of a 40-character string. And which encourages programmers
> to arithmetically manipulate pointers to data in memory directly,
> which compels programmers to do their own memory-management manually.
>

To be clear on a couple of things. The array access that C provides is
what you would get with assembly language (not "but lets you perform
pointer arithmetic"), and actually a feature, not some brain-dead
mistake, though maybe not a feature most people need. Second,
Heartbleed is not a buffer-writing bug; it's *reading* past the end of
an array. The patch check has been added against a length field they
already have, so this was a mistake of trusting the supplied request
and maybe not realising there could be a problem.
This bug was pretty bad, but the kind of mistakes that lead to
overflows and over-reads tend to be from not keeping track of the data
properly and will cause other problems anyway; memory protection
doesn't help with those.

-- 
imalone
http://ibmalone.blogspot.co.uk
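
The over-read described in the message above, as an added example that is not part of the original post and is not OpenSSL's code: a simplified model of a heartbeat echo that trusts the length field in the request, beside one that checks it against the length actually received. The function names, the constants and the sample bytes are constructed for illustration; the adjacent data lives in the same array so the model itself stays within bounds.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HB_HEADER  3   /* 1-byte type + 2-byte claimed payload length */
#define HB_PADDING 16  /* minimum padding RFC 6520 requires */

/* Constructed memory: a 4-byte record (type 1, claimed length 16, one real
 * payload byte 'A') followed by unrelated data sitting next to it. */
static const uint8_t arena[] = {
    0x01, 0x00, 0x10, 'A',
    'p','r','i','v','a','t','e','-','k','e','y','-','d','a','t','a'
};
static const size_t record_len = 4;   /* bytes actually received */

/* Before: trusts the length in the request. `out` must hold the claimed
 * length (assumption of this model). Returns the bytes echoed. */
size_t echo_unchecked(const uint8_t *rec, size_t rec_len, uint8_t *out)
{
    size_t payload = ((size_t)rec[1] << 8) | rec[2];
    (void)rec_len;                    /* received length never consulted */
    memcpy(out, rec + HB_HEADER, payload);
    return payload;
}

/* After: the claimed length must fit inside what was received, otherwise
 * the request is dropped (returns 0). */
size_t echo_checked(const uint8_t *rec, size_t rec_len, uint8_t *out)
{
    if (rec_len < HB_HEADER + HB_PADDING)
        return 0;
    size_t payload = ((size_t)rec[1] << 8) | rec[2];
    if (HB_HEADER + payload + HB_PADDING > rec_len)
        return 0;
    memcpy(out, rec + HB_HEADER, payload);
    return payload;
}

int main(void)
{
    uint8_t out[64] = {0};
    size_t n = echo_unchecked(arena, record_len, out);
    printf("unchecked echoed %zu bytes: %.*s\n", n, (int)n, (const char *)out);
    printf("checked echoed %zu bytes\n", echo_checked(arena, record_len, out));
    return 0;
}
```

Nothing is written out of bounds in either version, which is why write-oriented protections do not catch this class of bug; only the comparison against the received length does.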

