Vulnerability Development mailing list archives

Re: C versus other languages, round 538 or so (Re: CGI scriptsinsh)


From: Adam Clarke <Adam.Clarke () STRATEGICDATA COM AU>
Date: Thu, 28 Sep 2000 16:44:43 +1000

This assumes that the development environment is static and known. You check
for null termination; this is a language/library specific requirement.

In larger projects this is a poor assumption, since you may decide to
re-implement modules differently to achieve performance goals or meet other
constraints. For example, you may choose to implement the design in Java, then
during performance testing you notice that some Java file operations are
slowing down your code, so you re-implement the file access module in C and
use Java's native method call capability to wrap them up.

I would call what you have below an implementation plan and as a result it
would happen after the design phase and would be revisited if the target
language changed.

----- Original Message -----
From: "Jonathan James" <Jonathan () SECURITO SE>
Sent: Wednesday, September 27, 2000 10:40 PM

When designing software one has to take into account all the possible
implementation problems that may exist, i.e.
1. Read input from user
1.1 Check for null termination
etc..
This is described in pseudo code, no coding needed.

My 2c

Adam

