Clearing sensitive in-memory data in perl

Anne & Lynn Wheeler lynn at garlic.com
Fri Sep 16 18:05:26 EDT 2005


Victor Duchovni wrote:
> While some of the fault is perhaps in the core language, my contention is
> that the real problem is the anemic standard C-library. When working on C
> projects that have (and uniformly use) their own mature string handling
> libraries (I was a contributor to Tcl in the 90's and am now working
> in Postfix) I found that buffer overflows (and with Tcl for reasons I
> won't go into here also memory leaks) were a non-issue in those systems.
> 
> With either Tcl_DString or VSTRING (Postfix), one simply loses the
> habit of needing to keep track of buffer lengths. When combined with a
> compatible I/O interface (say VSTREAM), argument vector library (ARGV),
> hash table library, ... one no longer in practice manipulates bare
> null-terminated string buffers except when passing (usually read-only)
> content to system calls via the C-library.
> 
> I continue to write code in C, free of buffer overflows and memory leaks,
> not because I am more manly than the next programmer, but because I am
> attracted to working on well-designed systems, whose designers took the
> time to develop a richer set of idioms in which to construct their work.
> 
> My view is that C is fine, but it needs a real library and programmers
> who learn C need to learn to use the real library, with the bare-metal
> C-library used only by library developers to bootstrap new safe
> primitives.
> 

I've frequently observed in the past that some assembler language
environments have also had very pervasive use of explicit lengths
associated with most operations, system functions, and
library routines, which resulted in a very low frequency of buffer overflows ...
some amount of collected past posts on the subject ... including the
30 years later article (when it first came out)
http://www.garlic.com/~lynn/subpubkey.html#overflow

minor connection .... the 30 years later article is about multics
which was done on the 5th floor of 545 tech sq ... and some of
the assembler stuff that i'm familiar with was done on the 4th
floor (slight disclaimer i was on the 4th flr for some amount
of the period)
http://www.garlic.com/~lynn/subtopic.html#545tech

some of the early stuff done on the 4th floor ... also was adapted to
some number of commercial time-sharing services which had some fairly
stringent integrity requirements
http://www.garlic.com/~lynn/subtopic.html#timeshare

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
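
The idiom discussed in this message, a string type that carries its own length and grows on append so callers never size a buffer, sketched as an added example that is not part of the original thread and is not Tcl_DString or VSTRING code. The `lstr` type, its functions and the sample input are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical length-tracked string (assumption; not a real library's API). */
typedef struct {
    char  *data;  /* kept NUL-terminated for read-only C-library calls */
    size_t len;   /* bytes in use, excluding the terminator */
    size_t cap;   /* bytes allocated, including the terminator */
} lstr;

static int lstr_init(lstr *s)
{
    s->len = 0;
    s->cap = 16;
    s->data = malloc(s->cap);
    if (s->data == NULL)
        return -1;
    s->data[0] = '\0';
    return 0;
}

/* Append n bytes from src (src must not point into s->data). */
static int lstr_append(lstr *s, const char *src, size_t n)
{
    if (n > SIZE_MAX - s->len - 1)   /* refuse a length that would wrap size_t */
        return -1;
    size_t need = s->len + n + 1;
    if (need > s->cap) {             /* grow geometrically until it fits */
        size_t ncap = s->cap;
        while (ncap < need)
            ncap = (ncap > SIZE_MAX / 2) ? need : ncap * 2;
        char *p = realloc(s->data, ncap);
        if (p == NULL)
            return -1;               /* old buffer is untouched and still valid */
        s->data = p;
        s->cap = ncap;
    }
    memcpy(s->data + s->len, src, n);
    s->len += n;
    s->data[s->len] = '\0';
    return 0;
}

int main(void)
{
    lstr s; const char *in = "constructed input longer than the initial 16 bytes";
    if (lstr_init(&s) || lstr_append(&s, in, strlen(in))) return 1;
    printf("%zu %s\n", s.len, s.data); free(s.data); return 0;
}
```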
