Why do Buffer Oveflows still exist?
Results 1 to 4 of 4

Thread: Why do Buffer Oveflows still exist?

  1. #1

    Why do Buffer Oveflows still exist?

    Hi,

    I'm sure this is a stupid question, but to me it seems quite simple. Just check your buffers.

    I know that a lot of older programs use things like strcpy and the like, which dont have any sort of protectoin, however, why do they still exist in current applications?

    Thanks for any help.

  2. #2
    Just a Virtualized Geek MrLinus's Avatar
    Join Date
    Sep 2001
    Location
    Redondo Beach, CA
    Posts
    7,324
    Because programmers are human and make mistakes due to pressure to get out code quickly rather than in a full stable/secure form?
    Goodbye, Mittens (1992-2008). My pillow will be cold without your purring beside my head
    Extra! Extra! Get your FREE copy of Insight Newsletter||MsMittens' HomePage

  3. #3
    rebmeM roineS enilnOitnA steve.milner's Avatar
    Join Date
    Jul 2003
    Posts
    1,018
    It's a complexity thing too.

    I'm participating in writing an EPoS system with another 2 developers, which so far > 150k lines of code.

    Because of that complexity I can't be sure my code interacts with other peoples code in the way I would predict .

    And that's how the problems creep in.

    Scale that up to several millions of lines of code and hundreds of developers and problems of this kind become nearly a statistically certainty.

    Steve
    IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com

  4. #4
    ok,

    great. thanks, i knew that there had to be some reason.

    Thanks again

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •