nanog mailing list archives
Re: Bell Labs or Microsoft security?
From: Mathew Lodge <Mathew () CPlane com>
Date: Wed, 29 Jan 2003 11:07:59 -0800
At 08:27 AM 1/29/2003 -0600, Alif The Terrible wrote:
> > FORTRAN/COBOL array bounds checking. Bell Labs answer: C. Who wants
> > the computer to check array lengths or pointers. Programmers know what
> > they are doing, and don't need to be "constrained" by the programming
> > language. Everyone knows programmers are better at arithmetic than
> > computers. A programmer would never make an off-by-one error. The
> > standard C run-time library. gets(char *buffer), strcpy(char *dest, char
> > *src), what were they thinking?
>
> Possibly that bounds checking is an incredible cpu suck
It doesn't have to be, if your compiler is worth its salt. Take a look at the GNU Ada compiler implementation of bound checking -- incredibly efficient. There are optimizations and inductive reasoning you can perform at compile time. Strongly typed programming languages make it easier to perform those optimizations, which is a major problem for C (everything's a pointer, right? :-) However, the current language fad is Java, which is somewhat more strongly typed.
> , there are a great
> many powerful things you can do in C based on the fact that there is no
> bounds checking (pointers ARE your friend god damnit :P), and in a world
> before buffer overflow exploits it probably didn't matter if Joe Idiot's
> program crashed because he goofed? (hindsight is 20/20)
Not sure if this was ever true for networked applications. The original Morris ARPANet worm exploited a buffer overrun vulnerability in the BSD Unix finger daemon. There's no excuse for failing to change behavior, or not re-visiting bounds checking in compilers & interpreters / virtual machines (e.g. JVM).
Finally, and rather off-topic, I have yet to come across a C programming technique that "can't be done" efficiently in, say, Ada -- a language that usually gives C programmers fits of apoplexy. You just have to know how to express the solution in that language, rather than forcing a literal translation of the way it's done in C.
Cheers, Mathew
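The compile-time reasoning the message above refers to can be illustrated by hand in C. This is an added example, not code from the post or from the GNU Ada compiler; the function names and the `checks_run` counter are hypothetical. It compares a loop that checks every access with one where a single range check, justified by induction on the loop variable, covers the whole loop.

```c
#include <stddef.h>
#include <stdio.h>
static unsigned long checks_run;   /* hypothetical: counts executed bounds checks */

/* Per-access check, as a naive checked language would emit for a[i]. */
static int checked_get(const int *a, size_t len, size_t i, int *out)
{
    checks_run++;
    if (i >= len)
        return -1;                 /* refuse the out-of-bounds read */
    *out = a[i];
    return 0;
}

/* Naive form: one bounds check per loop iteration. */
int sum_naive(const int *a, size_t len, size_t lo, size_t hi, long *sum)
{
    long s = 0;
    for (size_t i = lo; i < hi; i++) {
        int v;
        if (checked_get(a, len, i, &v) != 0)
            return -1;
        s += v;
    }
    *sum = s;
    return 0;
}

/* Hoisted form: i only takes values in [lo, hi), so hi <= len proves every a[i] safe. */
int sum_hoisted(const int *a, size_t len, size_t lo, size_t hi, long *sum)
{
    long s = 0;
    checks_run++;                  /* the single range check below */
    if (lo < hi && hi > len)
        return -1;
    for (size_t i = lo; i < hi; i++)
        s += a[i];                 /* unchecked access, proven in range above */
    *sum = s;
    return 0;
}

int main(void)
{
    int a[8] = {1, 2, 3, 4, 5, 6, 7, 8};   /* constructed sample data */
    long s = 0;
    int rc = sum_hoisted(a, 8, 0, 8, &s);
    printf("rc=%d sum=%ld checks=%lu\n", rc, s, checks_run);
    return 0;
}
```

Both functions reject the same out-of-range requests; the hoisted form does so with one comparison regardless of loop length.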