[CSS_ACM_General_List] a question

Matt Young mabufo at gmail.com
Tue May 24 12:25:22 CDT 2011


Of course, it should be noted that things written *properly* in C should
also not have any buffer overflow problems. For example the C functions
strcpy, gets, and scanf are generally avoided - as they do not have bounds
checking. Taking strcpy as an example, people will strongly suggest that you
use strlcpy in its place (note the added 'l' in the middle), as the newer
strlcpy cannot overflow the "destination buffer" by design. Wikipedia,
surprisingly, has some pretty good articles on these.

I would ask some questions in #C on irc.freenode.org as well if you are
interested in best practices, just don't feed the trolls.

http://www.dwheeler.com/secure-programs/Secure-Programs-HOWTO/buffer-overflow.html


On Tue, May 24, 2011 at 12:03 PM, Zoko, Anthony <azoko at cdm.depaul.edu>wrote:

>  Does bounds checking.
>
> Start here : http://en.wikipedia.org/wiki/Bounds_checking
>
> Has to be a better article… will post if I remember to look later.
>
>
>
> Anthony Zoko
>
> Software Development Manager/ Architect
>
> DePaul University
>
> College of Computing and Digital Media (CDM) http://www.cdm.depaul.edu
>
>
>
> *From:* css_acm_general_list-bounces at mailman.depaul.edu [mailto:
> css_acm_general_list-bounces at mailman.depaul.edu] *On Behalf Of *Sean
> Neilan
> *Sent:* Tuesday, May 24, 2011 11:54 AM
> *To:* css_acm_general_list at mailman.depaul.edu
> *Subject:* [CSS_ACM_General_List] a question
>
>
>
> Python is written in C and servers written in python are generally more
> resistant to buffer overflows than servers written in C.
>
>
>
> What happens in Python that generally doesn't happen in a server in C to
> prevent buffer overflows? Why should Python have an advantage over the
> language it was written in?
>
>
>
> Somehow, Python prevents buffer overflows in C.
>
>
>
> _______________________________________________
> CSS_ACM_General_List mailing list
> CSS_ACM_General_List at mailman.depaul.edu
> http://mailman.depaul.edu/mailman/listinfo/css_acm_general_list
>
>


-- 
-Matthew
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mailman.depaul.edu/pipermail/css_acm_general_list/attachments/20110524/563aeb09/attachment.html 


More information about the CSS_ACM_General_List mailing list