ljknews wrote: > At 4:44 PM -0500 2/5/08, Steven M. Christey wrote: >> On Mon, 4 Feb 2008, ljknews wrote: >> >>>> ("%99999999s" to fill up disk or memory, anybody?), so it's marked with >>>> "All" and it's not in the C-specific view, even though there's a heavy >>>> concentration of format strings in C/C++. >>> It is marked as "All" ? >>> >>> What is the construct in Ada that has such a risk ? >> Hmmmm, I don't see any, but then again I don't know Ada. Is there no >> equivalent to format strings in Ada? No library support for it? > > Not that I know of, but if you can specify a Pascal equivalent > I might be able to see what you are aiming at. Have you evaluated > Pascal for this defect that is present in "All" languages ? >
Pascal per-se does not have a format string vulnerability - you don't have any functions like that in the base language. Delphi (Borland's oo-pascal) however has a whole truckload of Format* commands which take a format string as the first parameter and thus would potentially be vulnerable to the DOS attack. <rant> Delphi has the capability of run-time bounds checking, which would catch a lot of 'variables not on the stack' errors, however this can be turned off for performance reasons. I don't have a ratio of on/off people. When I originally wrote Delphi code in '96 I switched off bounds checking as the systems I was running on could not take the hit. Now, it is left on continuously as the cost of cycles is not worth it to have better software </rant> _______________________________________________ Secure Coding mailing list (SC-L) SC-L@securecoding.org List information, subscriptions, etc - http://krvw.com/mailman/listinfo/sc-l List charter available at - http://www.securecoding.org/list/charter.php SC-L is hosted and moderated by KRvW Associates, LLC (http://www.KRvW.com) as a free, non-commercial service to the software security community. _______________________________________________