Date: Wed, 23 Aug 2006 06:12:06 -0700
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Type: text/plain; charset=ISO-8859-1; format=flowed

rCS,
Thanks for posting this interesting piece of "Ada" information. The one quote from that book,
"Ideally, C and C++ compilers will one day provide options to generate code to check for overflow conditions."
nearly had me on the floor! I think people should get a reawakening when it comes to using Ada more in their software development projects. Doing the checks for safety, as an afterthought and not as part of the language, is goofy.
Just my $0.02.
Chris Sparks
Colin Paul Gloster wrote:
>On Thu, 17 Aug 2006, Robert C. Seacord emailed to an email list of the
>Association of C and C++ Users ( WWW.ACCU.org ):
>
>"The CERT/CC has released a beta version of a secure integer library for
>the C Programming Language. The library is available for download from
>the CERT/CC Secure Coding Initiative web page at:
>http://www.cert.org/secure-coding/
>
>[..]
>
>[..] The
>following example illustrates how the library can be used to add two
>signed long integer values:
>
> long retsl, xsl, ysl;
> xsl = LONG_MAX;
> ysl = 0;
> retsl = addsl(xsl,ysl);
>
>[..]
>
>For more information on vulnerabilities and other problems resulting
>from the incorrect use of integers in C and C++ please read Chapter 5 of
>"Secure Coding in C and C++" which is available as a free download from
>the CERT web site:
>
>http://www.cert.org/books/secure-coding/moreinfo.html
>
>[..]
>
>Thanks,
>rCs
>
>
>
>
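
The kind of overflow check this thread is about, written by hand in portable C. This is an added example, not part of the original message and not the CERT library's code; `checked_add_long` and `checked_sum_long` are hypothetical names, and the sample values are constructed.

```c
#include <limits.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>

/* Hypothetical helper (not the CERT library's addsl): stores x + y in *out
   and returns true, or returns false and leaves *out untouched when the
   mathematical sum does not fit in a long. The test runs before the
   addition because signed overflow itself is undefined behaviour in C. */
static bool checked_add_long(long x, long y, long *out)
{
    if ((y > 0 && x > LONG_MAX - y) ||   /* sum would exceed LONG_MAX */
        (y < 0 && x < LONG_MIN - y))     /* sum would fall below LONG_MIN */
        return false;
    *out = x + y;
    return true;
}

/* Sums n values with every step checked; on overflow returns false and
   reports in *bad the index of the element that could not be added. */
static bool checked_sum_long(const long *v, size_t n, long *total, size_t *bad)
{
    long acc = 0;
    for (size_t i = 0; i < n; i++) {
        if (!checked_add_long(acc, v[i], &acc)) {
            *bad = i;
            return false;
        }
    }
    *total = acc;
    return true;
}

int main(void)
{
    long r, v[] = { LONG_MAX - 1, 1, 1 };   /* constructed sample input */
    size_t bad;
    /* Same operands as the quoted snippet: LONG_MAX + 0 is representable. */
    if (checked_add_long(LONG_MAX, 0, &r))
        printf("LONG_MAX + 0 = %ld\n", r);
    /* Constructed failing cases. */
    if (!checked_add_long(LONG_MAX, 1, &r))
        puts("LONG_MAX + 1 rejected");
    if (!checked_sum_long(v, 3, &r, &bad))
        printf("sum overflows at index %zu\n", bad);
    return 0;
}
```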