Spec#, nullables and more
Ellery Newcomer
ellery-newcomer at utulsa.edu
Thu Nov 25 08:54:39 PST 2010
On 11/25/2010 10:28 AM, Bruno Medeiros wrote:
>
> I think Walter's point remains true: null pointers bugs are an order of
> magnitude less important, if not downright insignificant, with regards
> to security breaches.
>
> I mean, from my understanding of that article, a NPE bug on its own is
> not enough to allow an exploit, but other bugs/exploits need to be be
> present. (in that particular case, a straight-flush of them it seems).
> On the other hand, buffer overflows bugs nearly always make possible an
> exploit, correct?
>
From a language designer's perspective, I think programmer association
of semantic meaning to null (along with null's weak typing) is a more
serious problem than npe vulnerabilities.
More information about the Digitalmars-d
mailing list