[Cryptography] "NSA-linked Cisco exploit poses bigger threat than previously thought"
Viktor Dukhovni
cryptography at dukhovni.org
Wed Aug 24 01:04:27 EDT 2016
On Wed, Aug 24, 2016 at 02:22:52AM -0000, John Levine wrote:
> >I'm thinking of something like a "safe buffer" struct that would have an internally set size.
>
> Dan Bernstein wrote string libraries like that in the late 1990s that
> he used in qmail and djbdns.
Postfix and Tcl both contain internal safe string libraries,
(VSTRINGs and Tcl_DStrings respectively) and use them consistently,
as do Tcl extensions. Postfix also has VSTREAMs that do safe I/O
with VSTRINGs). These libraries also don't suffer buffer overflows.
These libraries also date back to the 90's. OpenSSH also has had
decent safe buffer management for some time. Each project rolled
their own, but did a reasonably good job. Not all projects fared
so well.
Sadly incorporating safer standard facilities into the C library
is a herculean effort. My take is that the difficulty with C is
not so much the language as the rather minimal runtime. If the C
library were substantially richer, most programmers would use
safer built-in interfaces rather than write unsafe code, or roll
their own "safe" code badly.
--
Viktor.
More information about the cryptography
mailing list