Re: Attention Windows Users



"Peter Duniho" <NpOeStPeAdM@xxxxxxxxxxxxxxxx> wrote in
news:11rcghm1k4t2p64@xxxxxxxxxxxxxxxxxx:

> "Skywise" <into@xxxxxxxxxxxxxxxxxxxx> wrote in message
> news:11rc3usqpk6lsed@xxxxxxxxxxxxxxxxxxxxx
>> [...]
>> Anyway, in my programs, when I read in data, I couldn't see
>> how there could be a buffer overflow. So I asked the question
>> in the support group for XB.
>
> Sounds to me as though you got an explanation oversimplified to the
> point of incorrectness.
<Snipola>

OK, going back and reviewing the discussion I had on this last year....

I couldn't understand from the point of view of programming in XB how
a buffer overflow could occur and asked if an example could be provided.
Here are some excerpts from the reply of one of the maintainers of the
language:

"XB doesn't handle buffers in the same fashion.

The thing to know here is that the buffer in some other languages
is stored in the stack. Therefore a buffer overflow can overwrite
part of the stack, and therefore destroy your return pointer."

and...

"But XBasic strings are allocated as part of dynamic memory and
passed by pointer, so I can't really give you an example in XBasic."

and...

"XBasic does have direct memory access functions... you can
determine where that variable is stored in memory... then you
could intentionally store a value... But that's not a buffer
overflow, nor is it actually careless as you intentionally
wrote the program to do that."

It was agreed that it is a "design limitation" of C that allows buffer
overflows and that a programmer must take specific steps to avoid and
test for possible problems.

I'd also like to mention that the name "XBasic" really means "ex-basic".
The language at first glance appears like a basic but it's not a true
basic language. For one thing, it's not run-time interpreted but rather
compiles to assembly. It's fast. It's not a 'toy' language.

Brian
--
http://www.skywise711.com - Lasers, Seismology, Astronomy, Skepticism
Seismic FAQ: http://www.skywise711.com/SeismicFAQ/SeismicFAQ.html
Quake "predictions": http://www.skywise711.com/quakes/EQDB/index.html
Sed quis custodiet ipsos Custodes?
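
Added example, not part of the original post and not code from XBasic or its maintainers: the C behaviour the quoted reply describes, with an unchecked copy into a fixed-size stack buffer beside a copy that checks the destination size and one that allocates to fit the input. The function names, FIELD_SIZE and the sample strings are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define FIELD_SIZE 16   /* constructed buffer size for this example */

/* Unchecked: strcpy copies until the NUL terminator and knows nothing
 * about the size of dst. When src is longer than dst, the bytes that
 * follow dst on the stack (saved registers, return address) are
 * overwritten. */
void copy_unchecked(char *dst, const char *src)
{
    strcpy(dst, src);
}

/* Checked: the caller states how big dst is, and oversize input is
 * refused rather than copied. Returns 0 on success, -1 on rejection. */
int copy_checked(char *dst, size_t dst_size, const char *src)
{
    size_t n = strlen(src);
    if (dst_size == 0 || n >= dst_size)
        return -1;
    memcpy(dst, src, n + 1);    /* n + 1 includes the terminator */
    return 0;
}

/* Sized to fit: storage is allocated from the heap according to the
 * input length, so no fixed-size buffer is involved. Caller frees. */
char *copy_dynamic(const char *src)
{
    size_t n = strlen(src);
    char *p = malloc(n + 1);
    if (p != NULL)
        memcpy(p, src, n + 1);
    return p;
}

int main(void)
{
    char field[FIELD_SIZE];     /* fixed-size buffer on the stack */
    const char *short_in = "N12345";
    const char *long_in  = "this input is longer than sixteen bytes";

    copy_unchecked(field, short_in);    /* fits, so nothing is damaged */
    printf("short: %d\n", copy_checked(field, sizeof field, short_in));
    printf("long:  %d\n", copy_checked(field, sizeof field, long_in));
    char *heap = copy_dynamic(long_in);
    if (heap) { printf("heap:  %zu bytes\n", strlen(heap) + 1); free(heap); }
    return 0;
}
```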