[Cryptography] Ada vs Rust vs safer C

Peter Gutmann pgut001 at cs.auckland.ac.nz
Wed Sep 21 11:23:19 EDT 2016


Christian Huitema <huitema at huitema.net> writes:

>For example, one simple case is to export the inner block of a loop to its
>own function. It makes analysis simpler, by reducing analysis of the loop to
>analysis of the signature of the new function, and it minimizes the risks.

That doesn't always work though.  One case where it's really hard is with
parsers that need to move a lot of state around.  And I'm not thinking so much
of programming languages but parsing of TLS and SSH client/server hellos and
PGP and CMS headers.  You can sort of work around it by putting all of the
state into a huge struct and passing it down through all the inner blocks, but
that generally makes things worse because now you've got a whole jumble of
mostly-unrelated values stuffed into a big blob that you pass around from one
function to the next.

Peter.
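
Added example, not part of the original message: the work-around described above (one state struct passed through loop bodies that have been exported to their own functions), sketched in C for a simplified TLS ClientHello body with no record or handshake header. The struct layout, the function names, the choice of tracked values and the sample bytes are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
/* One struct holding everything any inner block might need (assumed layout). */
typedef struct {
    const uint8_t *p; size_t left;  /* read cursor */
    uint16_t version;               /* client_version */
    uint16_t suite;                 /* first offered suite we accept, 0 = none */
    int saw_scsv;                   /* 0x00FF (renegotiation SCSV) in suite list */
    int saw_sni;                    /* server_name extension (type 0) present */
} hello_state;
/* Constructed sample: TLS 1.2, zero random, suites C02F + 00FF, SNI ext, 1 dummy byte. */
const uint8_t SAMPLE[50] = { 3, 3, [36] = 4, 0xC0, 0x2F, 0x00, 0xFF, 1, 0, 0, 5, 0, 0, 0, 1, 0 };
/* Bounds-checked big-endian read of n (1 or 2) bytes; -1 on truncation. */
static int rd(hello_state *s, size_t n, uint32_t *out) {
    if (s->left < n) return -1;
    for (*out = 0; n > 0; n--, s->left--) *out = (*out << 8) | *s->p++;
    return 0;
}
static int skip(hello_state *s, size_t n) {
    if (s->left < n) return -1;
    s->p += n; s->left -= n;
    return 0;
}
/* Inner block of the cipher-suite loop, exported to its own function. */
static void suite_body(hello_state *s, uint16_t id) {
    if (id == 0x00FF) s->saw_scsv = 1;
    else if (id == 0xC02F && s->suite == 0) s->suite = id;
}
/* Inner block of the extension loop; it has to take the same struct. */
static int ext_body(hello_state *s, uint16_t type, size_t len) {
    if (type == 0) s->saw_sni = 1;
    return skip(s, len);
}
/* Parse a ClientHello body; 0 on success, -1 if malformed or truncated. */
int parse_hello(const uint8_t *buf, size_t len, hello_state *s) {
    uint32_t v, n, t;
    *s = (hello_state){ .p = buf, .left = len };
    if (rd(s, 2, &v) || skip(s, 32)) return -1;             /* version, random */
    s->version = (uint16_t)v;
    if (rd(s, 1, &n) || skip(s, n)) return -1;              /* session_id */
    if (rd(s, 2, &n) || (n & 1) || n > s->left) return -1;  /* cipher_suites */
    for (; n > 0; n -= 2) { (void)rd(s, 2, &v); suite_body(s, (uint16_t)v); }
    if (rd(s, 1, &n) || skip(s, n)) return -1;              /* compression */
    if (s->left == 0) return 0;                             /* no extensions */
    if (rd(s, 2, &n) || n != s->left) return -1;            /* extensions length */
    while (s->left > 0)
        if (rd(s, 2, &t) || rd(s, 2, &n) || ext_body(s, (uint16_t)t, n)) return -1;
    return 0;
}
```

Each extracted body has a short signature, but its real inputs and outputs are whichever fields of `hello_state` it happens to read or write, so a reviewer still has to trace the struct through every call.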

