OASIS Mailing List ArchivesView the OASIS mailing list archive below
or browse/search using MarkMail.


Help: OASIS Mailing Lists Help | MarkMail Help

[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]
Re: [xml-dev] Illustrating the Risk of Unconstrained Strings

On 7 November 2015 at 12:46, Costello, Roger L. <costello@mitre.org> wrote:
> Hi Folks,
> A colleague and I created a graphic which illustrates the risk of unconstrained strings:
> http://www.xfront.com/Illustrating-the-Risk-of-Unconstrained-Strings.pdf
> /Roger
> __

Sadly like many graphics purporting to illustrate some mathematical
data, it doesn't illustrate anything.
There is no definition of the values used, and no units on the
diagram, so it is just a quarter circle
randomly coloured with no information content.

The first sentence isn't clearly true (the terms are undefined so it
is hard to be sure).
But the way to prevent a string containing malicious content is to control
write access to it.

If I have a string of length 1 constrained to be "0" or "1" that is
somewhere in the green section of
your picture, I assume. But if it is 1=nuclear destruction 0=do
nothing, then it has a 50%
chance of having malicious content if there are no  controls over what
is writing to it.
If 50% is green what percentages do red represent?


[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index]

News | XML in Industry | Calendar | XML Registry
Marketplace | Resources | MyXML.org | Sponsors | Privacy Statement

Copyright 1993-2007 XML.org. This site is hosted by OASIS