[SC-L] BSIMM: Confessions of a Software Security Alchemist (informIT)
Steven M. Christey
coley at linus.mitre.org
Sun Mar 22 13:30:31 EST 2009
On Sat, 21 Mar 2009, ljknews wrote:
> The root problem (and I do not care about the terminology)
> is that the C programming language promotes the use of
> uncounted strings.
I'd rephrase that because buffer overflows apply to many other data types
besides strings. Anything using an array or pointer arithmetic is
potentially subject to overflows. I have little doubt that when you
launch 200 simultaneous connections against a bunch of applications, some
of them will crash because the programmer only allocated enough memory to
store 100 connections at once. A lot of the IOCTL overflows going on
right now are more about malformed data structures than strings, as are
many of the file format vulns.
- Steve
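
Added example, not part of the original message: a C sketch of the two non-string cases the post mentions, a fixed-size connection table and a request structure whose element count comes from the caller. The names `conn_table`, `conn_add`, `parse_request` and the request layout are hypothetical, chosen only for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define MAX_CONNS 100   /* constructed capacity, matching the post's "100 connections" */

struct conn { int fd; uint32_t peer; };

struct conn_table {
    struct conn slots[MAX_CONNS];
    size_t used;        /* the count travels with the array */
};

/* Returns the slot index, or -1 when the table is full.
 * The unchecked form, t->slots[t->used++] = c, writes past slots[]
 * on connection 101: an overflow with no string involved. */
int conn_add(struct conn_table *t, int fd, uint32_t peer)
{
    if (t->used >= MAX_CONNS)
        return -1;
    t->slots[t->used].fd = fd;
    t->slots[t->used].peer = peer;
    return (int)t->used++;
}

/* Hypothetical request layout: a 4-byte host-order element count,
 * followed by that many 32-bit values. The count is supplied by the
 * caller, so it is checked against both the bytes actually received
 * and the capacity of the destination before anything is copied. */
int parse_request(const uint8_t *buf, size_t len,
                  uint32_t *out, size_t out_cap)
{
    uint32_t count;

    if (len < sizeof count)
        return -1;                      /* header itself is truncated */
    memcpy(&count, buf, sizeof count);
    if (count > out_cap)
        return -1;                      /* would overflow out[] */
    if (count > (len - sizeof count) / sizeof(uint32_t))
        return -1;                      /* claims more data than was sent */
    memcpy(out, buf + sizeof count, (size_t)count * sizeof(uint32_t));
    return (int)count;
}
```

Both checks compare against a capacity by division rather than multiplying the untrusted count, so a very large count cannot wrap the size calculation.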