Secure Coding mailing list archives

Previous By Date Next
Previous By Thread Next

bumper sticker slogan for secure software

From: ljknews at mac.com (ljknews)
Date: Thu, 20 Jul 2006 16:59:35 -0400
At 9:46 PM +0200 7/20/06, Florian Weimer wrote:

* Pascal Meunier:


But it's true for stupid bugs like buffer overflows and format string
vulnerabilities, in which we're still swimming, and the proof is the fact
that those aren't possible in some languages.


Could you name a few such language implementations? 8-)


Ada !


In most cases, the components that enforces the absence of buffer
overflows are written in C.


Not in VAX/DEC/Compaq/HP Ada, which is the one that I use.

But the "components" that enforce the absence of buffer overflows are
not written in Bliss (the language of the Ada RTL for that compiler)
either.  They are in the code that is generated, or the failure to
generate that code because the problem was caught at compile time.
-- 
Larry Kilgallen
Previous By Date Next
Previous By Thread Next

Current thread: