From owner-freebsd-security Mon Oct 29 12:33:18 2001 Delivered-To: freebsd-security@freebsd.org Received: from flood.ping.uio.no (flood.ping.uio.no [129.240.78.31]) by hub.freebsd.org (Postfix) with ESMTP id 7F30E37B408 for ; Mon, 29 Oct 2001 12:33:15 -0800 (PST) Received: by flood.ping.uio.no (Postfix, from userid 2602) id 2427A14C2E; Mon, 29 Oct 2001 21:33:13 +0100 (CET) X-URL: http://www.ofug.org/~des/ X-Disclaimer: The views expressed in this message do not necessarily coincide with those of any organisation or company with which I am or have been affiliated. To: Krzysztof Zaraska Cc: Yuri Muhitov , freebsd-security@FreeBSD.ORG Subject: Re: BUFFER OVERFLOW EXPLOITS References: From: Dag-Erling Smorgrav Date: 29 Oct 2001 21:33:12 +0100 In-Reply-To: Message-ID: Lines: 14 User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/20.7 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org Krzysztof Zaraska writes: > On Sun, 28 Oct 2001, Yuri Muhitov wrote: > > Is this programming, compiler or compiling options error? > > How to avoid this problem on practice (writing programs)? > This is programmer's error. Only partially correct. It is the result of programming errors which should be caught at compile or run time but aren't because the programming language used is not strongly typed, and / or its function library is not sufficiently type-safe. DES -- Dag-Erling Smorgrav - des@ofug.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message