-
February 12th, 2004, 09:43 PM
#1
Member
Why do Buffer Oveflows still exist?
Hi,
I'm sure this is a stupid question, but to me it seems quite simple. Just check your buffers.
I know that a lot of older programs use things like strcpy and the like, which dont have any sort of protectoin, however, why do they still exist in current applications?
Thanks for any help.
-
February 12th, 2004, 09:44 PM
#2
Because programmers are human and make mistakes due to pressure to get out code quickly rather than in a full stable/secure form?
-
February 12th, 2004, 09:55 PM
#3
It's a complexity thing too.
I'm participating in writing an EPoS system with another 2 developers, which so far > 150k lines of code.
Because of that complexity I can't be sure my code interacts with other peoples code in the way I would predict .
And that's how the problems creep in.
Scale that up to several millions of lines of code and hundreds of developers and problems of this kind become nearly a statistically certainty.
Steve
IT, e-commerce, Retail, Programme & Project Management, EPoS, Supply Chain and Logistic Services. Yorkshire. http://www.bigi.uk.com
-
February 12th, 2004, 11:50 PM
#4
Member
ok,
great. thanks, i knew that there had to be some reason.
Thanks again
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|