vulnerabilities

 
 
wijhierbeneden
      10-21-2004
Hello

I want to make a list of all the vulnerabilities in C/C++.
I am aware of bufferoverflow/heapoverflow/race conditions/format string bugs/
Off-by-one/ numeric under- and overflow/ unsigned-signed mismatch

Are there other vulnerabilities in c/c++??

thx
 
Dave Vandervies
      10-21-2004
wijhierbeneden wrote:
>Hello
>
>I want to make a list of all the vulnerabilities in C/C++.
>I am aware of bufferoverflow/heapoverflow/race conditions/format string bugs/
>Off-by-one/ numeric under- and overflow/ unsigned-signed mismatch
>
>Are there other vulnerabilities in c/c++??


Incompetent programmers, especially the ones who think they're competent.

(Unless you're interested in ones that only apply to C or C++, though
that eliminates all the ones in your list too.)


dave

--
Dave Vandervies
In the reality I am currently experiencing, I have no dog. I agree it is
possible that I might have had a dog before some student C programmer or
other overflowed a signed int. --Richard Heathfield in comp.lang.c
 
Malcolm
      10-21-2004

"wijhierbeneden" <(E-Mail Removed)>
>
> I want to make a list of all the vulnerabilities in C/C++.
> I am aware of bufferoverflow/heapoverflow/race conditions/format string
> bugs/
> Off-by-one/ numeric under- and overflow/ unsigned-signed mismatch
>
> Are there other vulnerabilities in c/c++??
>

Stack overflow for recursive functions springs to mind.

One of the main problems with C is that there is no error-handling
mechanism, so exceptions must be coded as part of the normal flow of the
program. This can make testing very difficult.


 
Martin Ambuhl
      10-21-2004
wijhierbeneden wrote:

> Hello
>
> I want to make a list of all the vulnerabilities in C/C++.


The good news is that there are none. Since "C/C++" is a fictional
language with no features at all, it escapes any vulnerabilities the two
languages C and C++ might have.

There is, of course, no reason to assume that any vulnerabilities the
two different languages C and C++ might have are shared.
 
Eric Sosman
      10-21-2004
wijhierbeneden wrote:
> Hello
>
> I want to make a list of all the vulnerabilities in C/C++.
> I am aware of bufferoverflow/heapoverflow/race conditions/format string bugs/
> Off-by-one/ numeric under- and overflow/ unsigned-signed mismatch
>
> Are there other vulnerabilities in c/c++??


A colleague of mine once encountered

#define HASHSIZE 51 /* a small prime */

.... and since it's well beyond the capabilities of
current (or even of imagined) compilers to detect
bugs of this sort, I think we can classify this as
a built-in vulnerability of the language.

You're going to wind up with a l-o-n-g list,
you know ...

jacob navia
      10-21-2004
wijhierbeneden wrote:
> Hello
>
> I want to make a list of all the vulnerabilities in C/C++.
> I am aware of bufferoverflow/heapoverflow/race conditions/format string bugs/
> Off-by-one/ numeric under- and overflow/ unsigned-signed mismatch
>
> Are there other vulnerabilities in c/c++??
>
> thx


Your list makes no sense. Let's go into this list in
more detail:

1: Buffer overflows. This can be seen as a vulnerability of C.
There were discussions here about length delimited strings,
and it is a vulnerability that can be fixed.

2: Heap overflow. Strange, difficult to see what you mean here:
2A: The heap gets bigger than the stack and overflows the stack.
This one has nothing to do with C.
2B: You ask for more memory than the system can give
you and the program crashes.
This one has nothing to do with C either.

3: Race conditions: They can happen to you in any language.
This is a general problem of multi-thread, multi-tasking
programming. Since this type of programming is done often
in C, they happen in C but they could happen in lisp too.

4: Format string bugs: Yes, "%s" implies filling a buffer
with an indeterminate number of bytes and this is a bad
spec in C (in my opinion).
No use of denying this. It induces to error. See
the discussion about strings.

5: Off by one can happen in *any* language, and even in
hardware. Remember the infamous bug Intel had in
the division? It was an off by one copy of the constants
needed by the algorithm: one row was missing. This is
a logic bug, not a C specific one.

6: Same for overflow/underflow. You can have it in any
language where numbers are accepted!

7: Unsigned/signed mismatch is an error specific to
languages that allow you to use unsigned integers.
There aren't many, and C is one of them. This is
a problem not with C but with people making errors.
As any error, this can lead to bugs but I think the
advantages outweigh the problems with unsigned
numbers.

I would admit that buffer overflows and string handling in
C lead to catastrophes in hostile environments. I am just
of the opinion that this can be fixed without throwing away
all the language with it.

What makes C interesting is precisely this absence of an
established paradigm of the language. C is not object
oriented, nor list oriented or array oriented like APL.

It doesn't impose you any preconceived view of your
application.
 
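Added example, not part of any post in this thread: items 1, 4 and 7 of the list above (buffer overflows, unbounded "%s", signed/unsigned mismatch) written as C length checks, with the flawed signed check beside a corrected one. `BUF_MAX` and all function names are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define BUF_MAX 16  /* constructed buffer size for this example */

/* Flawed check: len is signed, so a negative value satisfies
 * "len <= BUF_MAX". Returns 1 if the check would accept the length.
 * No copy is performed here; only the decision is shown. */
int flawed_check_accepts(int len)
{
    return len <= BUF_MAX;
}

/* The length memcpy would actually see after the flawed check:
 * the int is converted to size_t, so -1 becomes a huge value. */
size_t as_copy_length(int len)
{
    return (size_t)len;
}

/* Corrected check: reject negatives first, then compare as unsigned
 * against the real destination size. Returns 0 on success, -1 if the
 * length is rejected. */
int safe_copy(char *dst, size_t dst_size, const char *src, int len)
{
    if (len < 0 || (size_t)len > dst_size)
        return -1;
    memcpy(dst, src, (size_t)len);
    return 0;
}

/* Bounded "%s": snprintf writes at most dst_size bytes (terminator
 * included) and returns the length it needed, so truncation can be
 * detected. Returns 0 if the whole string fit, -1 if it was truncated. */
int format_name(char *dst, size_t dst_size, const char *name)
{
    int n = snprintf(dst, dst_size, "user=%s", name);
    return (n >= 0 && (size_t)n < dst_size) ? 0 : -1;
}
```

The flawed check accepts -1 even though the resulting copy length is far larger than the buffer; the corrected functions report failure instead of writing past `dst`.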
 
Merrill & Michele
      10-21-2004

"wijhierbeneden" wrote
> I want to make a list of all the vulnerabilities in C/C++.
> I am aware of bufferoverflow/heapoverflow/race conditions/format string
> bugs/
> Off-by-one/ numeric under- and overflow/ unsigned-signed mismatch
>
> Are there other vulnerabilities in c/c++??
>
> thx


Why do you ask? MPJ


 
jacob navia
      10-21-2004
Martin Ambuhl wrote:

> wijhierbeneden wrote:
>
>> Hello
>>
>> I want to make a list of all the vulnerabilities in C/C++.

>
>
> The good news is that there are none. Since "C/C++" is a fictional
> language with no features at all, it escapes any vulnerabilities the two
> languages C and C++ might have.
>
> There is, of course, no reason to assume that any vulnerabilities the
> two different languages C and C++ might have are shared.


Since you can write programs in strict C in C++ (the whole C89
standard is quite accepted), and even if not used by C++
programmers, C is still in the specs of C++, so any C
vulnerabilities are in C++ also.


 
jacob navia
      10-21-2004
Malcolm wrote:

> "wijhierbeneden" <(E-Mail Removed)>

[snip]
>>Are there other vulnerabilities in c/c++??
>>

>
> Stack overflow for recursive functions springs to mind.


Stack overflow is inherent to all languages that use a
stack. It can happen to you from Pascal to Lisp, passing
through Java and Delphi.

There is nothing surprising that C also shares the problem
of any software that uses a stack.

 
James Stevenson
      10-21-2004

On 21 Oct 2004, wijhierbeneden wrote:

> Hello
>
> I want to make a list of all the vulnerabilities in C/C++.
> I am aware of bufferoverflow/heapoverflow/race conditions/format string bugs/
> Off-by-one/ numeric under- and overflow/ unsigned-signed mismatch
>
> Are there other vulnerabilities in c/c++??


Just plain bad design. This alone can cause a headache of problems since
normally the bug of that size cannot be fixed easily.


--
http://www.stev.org