Spec#, nullables and more
Bruno Medeiros
brunodomedeiros+spam at com.gmail
Mon Nov 29 08:57:13 PST 2010
On 27/11/2010 03:29, Rainer Deyke wrote:
> On 11/26/2010 10:28, Bruno Medeiros wrote:
>> Yes, Walter's statement that it is impossible for a null pointer to
>> cause a security vulnerability is (likely) incorrect.
>> But his point at large, considering the discussion that preceded the
>> comment, was that null pointers are utterly insignificant with regards
>> to security vulnerabilities.
>
> I really hate this way of thinking. Security vulnerabilities are binary
> - either they exist or they don't. Every security vulnerability seems
> minor until it is exploited.
>
> Yes, some security vulnerabilities are more likely to be exploited than
> others. But instead of rationalizing about how significant each
> individual security vulnerability is, isn't it better to just fix all of
> them?
>
> (I know, I'm a hopeless idealist.)
>
>
You missed the point. The point wasn't that a vulnerability caused by a
null pointer access was less serious or significant than a vulnerabitiy
caused by a buffer overrun. Once a vulnerability exists, it should be
fixed regardless, yes.
The point was that if you have a null pointer access *bug*, that bug is
incredibly less likely to create a *vulnerability* than a buffer overrun
*bug*. Note that "creating a vulnerability" means "making it *possible*
to exploit the program", it does not mean "someone actually exploiting
the vulnerability".
--
Bruno Medeiros - Software Engineer
More information about the Digitalmars-d
mailing list