[Cryptography] The GOTO Squirrel! [was GOTO Considered Harmful]

lists at notatla.org.uk lists at notatla.org.uk
Thu Mar 6 03:11:53 EST 2014


Lodewijk andré de la porte <l odewijk.nl>:

> > As a developer, I rely on that warning because unreachable code is ALWAYS
> > a mistake.

> Why, with buffer overflows, no code is truly unreachable! So I would rely on
> that warning to detect any possible buffer overflow.
> 
> Could someone make such a thing? It'd be an absolute victory for code
> checking!
> 
> Detect parameter ranges, scan for interesting changes in those parameters
> (hopefully intelligently) and voilà? Zero bruteness? Just a proof generator?

http://www.cs.berkeley.edu/~daw/papers/overruns-ndss00.pdf

Of course there are other kinds of memory bug besides array/string overruns
and we have other ways (better languages) to eliminate memory bugs.
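
The range idea raised in the quoted question (derive a worst-case size for each string, then compare it with the destination's allocation) can be sketched as below. This is an added illustration, not code from the poster or from the linked paper; the operation tuples, the `check` function and the sample program are constructed for the example.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Range:
    lo: int   # fewest bytes the string can occupy, NUL included
    hi: int   # most bytes the string can occupy, NUL included

def check(ops):
    """Walk a straight-line list of C buffer operations.

    Returns (op_index, dst, worst_case_bytes, alloc) for every write whose
    worst-case size exceeds the destination's allocation.
    """
    alloc = {}   # buffer name -> bytes allocated
    used = {}    # buffer name -> Range of bytes occupied
    findings = []
    for i, op in enumerate(ops):
        kind, dst = op[0], op[1]
        if kind == "decl":            # char dst[n];
            alloc[dst] = op[2]
            used[dst] = Range(1, 1)   # assumption: starts as an empty string
            continue
        if kind == "fgets":           # fgets(dst, n, fp) stores at most n bytes
            written = Range(1, op[2])
        elif kind == "strcpy":        # strcpy(dst, src) copies src and its NUL
            written = used[op[2]]
        elif kind == "strcat":        # strcat(dst, src): dst's old NUL is overwritten
            src = used[op[2]]
            written = Range(used[dst].lo + src.lo - 1, used[dst].hi + src.hi - 1)
        else:
            raise ValueError(f"unknown operation: {kind}")
        if written.hi > alloc[dst]:   # worst case does not fit
            findings.append((i, dst, written.hi, alloc[dst]))
        used[dst] = written
    return findings

# Constructed sample program, one tuple per C statement.
SAMPLE = [
    ("decl", "line", 128),
    ("decl", "name", 32),
    ("decl", "path", 64),
    ("fgets", "line", 128),        # fits: up to 128 bytes into 128
    ("strcpy", "name", "line"),    # up to 128 bytes into 32
    ("fgets", "name", 32),         # fits
    ("strcpy", "path", "name"),    # fits: up to 32 bytes into 64
    ("strcat", "path", "name"),    # fits: up to 63 bytes into 64
    ("strcat", "path", "name"),    # up to 94 bytes into 64
]

if __name__ == "__main__":
    for idx, dst, worst, size in check(SAMPLE):
        print(f"op {idx}: {dst} may receive {worst} bytes, only {size} allocated")
```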

