Lists Home |
Date Index |
Tyler Close wrote:
> On Friday 03 October 2003 10:32, Bullard, Claude L (Len) wrote:
> > The first step will be to learn to dampen
> > Spy Vs Spy arguments with regards to who
> > has the safest system in situations where
> > it is the coding culture that is at issue.
> The point of the original post is that ASN.1 posed problems
> even in a coding culture that is, and has been, highly
> attuned to security issues.
Any programmer highly attuned to security issues would make sure that:
- the program checks that all memory allocation requests are satisfied
- the program does not write or read beyond the limits of the allocated
- the program does not try to allocate gigabytes of memory just because the
incoming message seems to require that
- the program does not try to recurse hundreds of levels down the stack just
because the the incoming message seems to require that
- etc. etc.
However, these are precisely the kinds of bugs that have been found in the
faulty implementations of SNMP and OpenSSL. Therefore, the programmers who
wrote the code (and the people who evaluated and used their code) were *not*
in any sense "highly attuned to security issues". If those programmers are
still around and haven't learned the lesson, and if other people use their
code carelessly in building more-complex software, we will still have
problems. There is nothing specific to ASN.1 here.
Note that implementing a cryptography algorithm does not make you a
security-aware programmer. Cryptography is one thing, safe programming is
> Dismissing this data point as merely the results of sloppy
> programming seems dubious. There are likely greater lessons
> to be learned here.
> The xml-dev list is sponsored by XML.org
> <http://www.xml.org>, an initiative of OASIS
The list archives are at http://lists.xml.org/archives/xml-dev/
To subscribe or unsubscribe from this list use the subscription