Author: Don ArmstrongDon Armstrong Date: Mar 21, 2007 18:20
On Wed, 21 Mar 2007, Manoj Srivastava wrote:
> Buffer overflows are _still_ being exploited, decades after it is
> known that unchecked user input fed to memory allocated on the
> stack. And it does not take a rocket scientist to spot a buffer
> overflow.
Some buffer overflows are easy to spot, but others are quite
difficult. I'd like to think that the people who have reviewed
openbsd's network stack are at least passingly familiar with buffer
overflows, and even they've missed them.
> I think that evil hacker dudes are not quite so devilishly clever;
> there are broad swathes of exploits that stem from very few, well
> known classes of programming errors.
The classes are well known, but the implementations of those errors
can be wildly inventive.
> And you do not need to be up to snuff in the latest kiddie exploit
> to do so.
To find low hanging fruit, sure, but to actually be able to say that
you've properly reviewed the code requires knowing a great deal about
all of the classes of exploits, not just the common ones.
| 
