I have To agree with Ben
-Original Message-
From: IBM Mainframe Discussion List [mailto:ibm-m...@bama.ua.edu] On
Behalf Of Binyamin Dissen
Sent: Tuesday, March 03, 2009 3:19 PM
To: IBM-MAIN@bama.ua.edu
Subject: Re: Do and don't in programing (Security wise)
On Tue, 3 Mar 2009 18:
Arthur T. wrote:
Well, that defeats one of my forced abend techniques:
BRC cond,*+2
This branches into the middle of the BRC (Jump) instruction, which in
this
case is always x'0001', resulting in an S0C1 abend.
SOC1s are too common to stand out. I prefer
EX R15,*(Of course, it doe
On Tue, 3 Mar 2009 18:05:42 -0500 "Arthur T." wrote:
:>On 3 Mar 2009 14:14:45 -0800, in bit.listserv.ibm-main
:>(Message-ID:)
:>joa...@swbell.net (John McKown) wrote:
:>
:>>Well, that defeats one of my forced abend techniques:
:>>
:>> BRC cond,*+2
:>>
:>>This branches into the middle of the B
On 3 Mar 2009 14:14:45 -0800, in bit.listserv.ibm-main
(Message-ID:)
joa...@swbell.net (John McKown) wrote:
Well, that defeats one of my forced abend techniques:
BRC cond,*+2
This branches into the middle of the BRC (Jump)
instruction, which in this
case is always x'0001', resulting in a
Itschak Mugzach wrote:
I am looking for some rules of Thumb regarding what is improper to code in a
program (say Cobol, but in general, any language) from security point of
view. Are there any resources on that any where? Some examples:
- Do nit use literals of variables containing Account number
On Tue, 3 Mar 2009 16:40:31 -0500, Gerhard Postpischil
wrote:
>Itschak Mugzach wrote:
>> Any other ideas?
>
>Don't write code that branches into the middle of an instruction
>- with proper choice of base registers and displacements, it's
>possible to write a chain of code contained in another, bu
Itschak Mugzach wrote:
Any other ideas?
Don't write code that branches into the middle of an instruction
- with proper choice of base registers and displacements, it's
possible to write a chain of code contained in another, but
definitely not recommended.
Gerhard Postpischil
Bradford, VT
I am looking for some rules of Thumb regarding what is improper to code in a
program (say Cobol, but in general, any language) from security point of
view. Are there any resources on that any where? Some examples:
- Do nit use literals of variables containing Account numbers, SSNs, Etc. in
your pro
8 matches
Mail list logo