Managed String Library

rCs
The SEI has published CMU/SEI-2006-TR-006 "Specifications for Managed
Strings" and released a "proof-of-concept" implementation of the
managed string library.

The specification, source code for the library, and other resources
related to managed strings are available for download from the CERT web
site at:

http://www.cert.org/secure-coding/managedstring.html

The following is a brief summary of the managed string library:

The managed string library was developed in response to the need for a
string library that can improve the quality and security of newly
developed C-language programs while eliminating obstacles to widespread
adoption and possible standardization. As the name implies, the managed
string library is based on a dynamic approach; memory is allocated and
reallocated as required. This approach eliminates the possibility of
unbounded copies, null-termination errors, and truncation by ensuring
that there is always adequate space available for the resulting string
(including the terminating null character). The one exception is if
memory is exhausted; that is treated as an error condition. In this
way, the managed string library accomplishes the goal of indicating
either success or failure. The managed string library also protects
against improper data sanitization by (optionally) ensuring that all
characters in a string belong to a predefined set of "safe" characters.

rCs

--
Robert C. Seacord
Senior Vulnerability Analyst
CERT/CC

Jun 14 '06 #1
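
The approach summarized in the post above, as an added example that is not part of the thread and is not the CERT library's code: a miniature managed string that grows on demand, reports failure instead of truncating, and optionally enforces a set of permitted characters. The type and function names (`mstr`, `mstr_append`, `mstr_init`, `mstr_free`, `mstr_demo`) and the sample input are hypothetical.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical miniature managed string; the names are illustrative and
 * are not the CERT library's API. buf is NUL-terminated when non-NULL. */
typedef struct {
    char *buf;
    size_t len, cap;      /* bytes used (without NUL), bytes allocated */
    size_t maxlen;        /* caller-set limit on len, 0 = unlimited */
    const char *charset;  /* permitted characters, NULL = any */
} mstr;

/* Append src in full, or change nothing and return an errno-style code.
 * src must not point into s->buf. */
int mstr_append(mstr *s, const char *src) {
    size_t n = strlen(src);
    if (s->charset && strspn(src, s->charset) != n)
        return EINVAL;                       /* character outside the safe set */
    if (n > SIZE_MAX - 1 - s->len || (s->maxlen && s->len + n > s->maxlen))
        return ERANGE;                       /* size overflow or over the limit */
    size_t need = s->len + n + 1;            /* +1 for the terminating NUL */
    if (need > s->cap) {
        size_t cap = s->cap ? s->cap : 16;
        while (cap < need)
            cap = cap > SIZE_MAX / 2 ? need : cap * 2;
        char *p = realloc(s->buf, cap);
        if (p == NULL) return ENOMEM;        /* old contents stay valid */
        s->buf = p; s->cap = cap;
    }
    memcpy(s->buf + s->len, src, n + 1);     /* copies the NUL as well */
    s->len += n;
    return 0;
}

int mstr_init(mstr *s, const char *init, size_t maxlen, const char *charset) {
    *s = (mstr){ .maxlen = maxlen, .charset = charset };
    return mstr_append(s, init);
}

void mstr_free(mstr *s) { free(s->buf); *s = (mstr){ 0 }; }

/* Constructed input: returns 0 only if growth, charset and limit all hold. */
int mstr_demo(void) {
    mstr s;
    int bad = 0;
    if (mstr_init(&s, "user=", 64, "abcdefghijklmnopqrstuvwxyz=_") != 0) return 1;
    for (int i = 0; i < 5; i++)              /* 5 + 5*10 = 55 bytes, past cap 16 */
        bad |= mstr_append(&s, "abcdefghij") != 0;
    bad |= s.len != 55 || strlen(s.buf) != 55;
    bad |= mstr_append(&s, "x y;z") != EINVAL;       /* rejected, not altered */
    bad |= mstr_append(&s, "abcdefghij") != ERANGE;  /* 65 > 64: no truncation */
    bad |= s.len != 55;                              /* failures changed nothing */
    mstr_free(&s);
    return bad;
}
```

Every call either appends the whole string or leaves the managed string untouched, so callers check one return code rather than tracking buffer sizes themselves.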
rCs wrote:
> The SEI has published CMU/SEI-2006-TR-006 "Specifications for Managed
> Strings" and released a "proof-of-concept" implementation of the
> managed string library.
>
> The specification, source code for the library, and other resources
> related to managed strings are available for download from the CERT web
> site at:
>
> http://www.cert.org/secure-coding/managedstring.html
>
> The following is a brief summary of the managed string library:
>
> The managed string library was developed in response to the need for a
> string library that can improve the quality and security of newly
> developed C-language programs while eliminating obstacles to widespread
> adoption and possible standardization. As the name implies, the managed
> string library is based on a dynamic approach; memory is allocated and
> reallocated as required. This approach eliminates the possibility of
> unbounded copies, null-termination errors, and truncation by ensuring
> that there is always adequate space available for the resulting string
> (including the terminating null character). The one exception is if
> memory is exhausted; that is treated as an error condition. In this
> way, the managed string library accomplishes the goal of indicating
> either success or failure. The managed string library also protects
> against improper data sanitization by (optionally) ensuring that all
> characters in a string belong to a predefined set of "safe" characters.
>
> rCs

This is a much better approach than TR 24731. No longer is the
programmer required to keep track of the length of the strings,
an essential point if we are going to make things more sure.

Up to minor details this is the same principle of lcc-win32's
implementation of a string library.

It would be nice if the people in the committee looked at this.

jacob
Jun 14 '06 #2

Jacob,

Comments below.

> This is a much better approach than TR 24731. No longer is the
> programmer required to keep track of the length of the strings,
> an essential point if we are going to make things more sure.
>
> Up to minor details this is the same principle of lcc-win32's
> implementation of a string library.
>
> It would be nice if the people in the committee looked at this.


I am on the WG14 committee and I have looked into it. 8^)

I don't believe this is a better approach than TR 24731--I think it
solves a different problem.

TR 24731 is a very good approach for remediation of existing code
because it offers close replacements to existing functions.

I think the managed strings library is a better approach for new
development--including the development of new modules or subsystems--for
the reasons you gave.

The WG14 committee reviewed my proposal at both the Mt. Tremblant and
Berlin meetings. The feedback I received was that it was a reasonable
technical solution but that there wasn't enough market demand yet to
publish this as an ISO/IEC TR.

rCs
Jun 14 '06 #3
Robert Seacord wrote:
> The WG14 committee reviewed my proposal at both the Mt. Tremblant and
> Berlin meetings. The feedback I received was that it was a reasonable
> technical solution but that there wasn't enough market demand yet to
> publish this as an ISO/IEC TR.


Interesting. The evolution of C is now "market driven". What counts,
if I understand you correctly, is "market demand".

This comes as a surprise to me since companies like Microsoft feel
that it is worth spending time and money researching this string
problem, and spending money in proposing alternatives.

Of course I suppose that the standards committee has a better researched
investigation of the market than Microsoft.

This assertion that "there isn't enough market demand" then,
is not just based on the "feelings of the committee members"
but in hard won market research that was done previously to that
decision.

It would be interesting to see it.

How does the C committee evaluate the "market demands"?

jacob

Jun 15 '06 #4
On 2006-06-15, jacob navia <ja***@jacob.remcomp.fr> wrote:
> Robert Seacord wrote:
>> The WG14 committee reviewed my proposal at both the Mt. Tremblant and
>> Berlin meetings. The feedback I received was that it was a reasonable
>> technical solution but that there wasn't enough market demand yet to
>> publish this as an ISO/IEC TR.
>
> Interesting. The evolution of C is now "market driven". What counts,
> if I understand you correctly, is "market demand".

Judging by C99's reception, yes.

> This comes as a surprise to me since companies like Microsoft feel
> that it is worth spending time and money researching this string
> problem, and spending money in proposing alternatives.

MS also felt it was worth it to spend time and money on IE5, 6, and 7, as well
as Visual Studio itself, .NET, C#...

Think "crushing real standards".

> Of course I suppose that the standards committee has a better researched
> investigation of the market than Microsoft.

Considering MS's biased research on everything (most notably server
performance), yes.

> This assertion that "there isn't enough market demand" then,
> is not just based on the "feelings of the committee members"
> but in hard won market research that was done previously to that
> decision.
>
> It would be interesting to see it.
>
> How does the C committee evaluate the "market demands"?

Perhaps by counting the number of Standard purchases? I hear that C89 is
*still* more popular than C99.

--
Andrew Poelstra < http://www.wpsoftware.net/blog >
To email me, use "apoelstra" at the above address.
I know that area of town like the back of my head.
Jun 15 '06 #5

"jacob navia" <ja***@jacob.remcomp.fr> wrote in message

> Interesting. The evolution of C is now "market driven". What counts,
> if I understand you correctly, is "market demand".
>
> This comes as a surprise to me since companies like Microsoft feel
> that it is worth spending time and money researching this string
> problem, and spending money in proposing alternatives.
>
> Of course I suppose that the standards committee has a better researched
> investigation of the market than Microsoft.

Software companies want to sell versions of their particular compiler,
whilst programmers want tools that will help them do their jobs.

From a programmer's point of view, a standard is usually a good thing. It
means that they know how a piece of software will work, that the same
software can be compiled by different compilers, that they don't have to
constantly learn new languages.

The compiler vendor's attitude is a bit more ambivalent. If everyone merely
releases an ANSI standard C compiler, the cheapest one will win. Marketing
people like to be able to differentiate their product. They want
interoperability in so far as it helps people move from rival products to
their own, but not if it helps people go in the reverse direction, except
that they cannot ignore user demands entirely.

Things like a "better" string library which break compatibility with
virtually every program written in standard C are a dream for a compiler
vendor. They are good for the customer only if the benefits of the library
outweigh all the costs. Sometimes this may be the case, for instance if you
only write software for Microsoft operating systems, or if efficiency in
string handling is paramount. Often, however, the vendor is the one who is
winning.
--
Buy my book 12 Common Atheist Arguments (refuted)
$1.25 download or $7.20 paper, available www.lulu.com/bgy1mm
Jun 18 '06 #6
Malcolm wrote:
> "jacob navia" <ja***@jacob.remcomp.fr> wrote in message
>> Interesting. The evolution of C is now "market driven". What counts,
>> if I understand you correctly, is "market demand".
>>
>> This comes as a surprise to me since companies like Microsoft feel
>> that it is worth spending time and money researching this string
>> problem, and spending money in proposing alternatives.
>>
>> Of course I suppose that the standards committee has a better researched
>> investigation of the market than Microsoft.
>
> Software companies want to sell versions of their particular compiler,
> whilst programmers want tools that will help them do their jobs.
>
> From a programmer's point of view, a standard is usually a good thing. It
> means that they know how a piece of software will work, that the same
> software can be compiled by different compilers, that they don't have to
> constantly learn new languages.
>
> The compiler vendor's attitude is a bit more ambivalent. If everyone merely
> releases an ANSI standard C compiler, the cheapest one will win. Marketing
> people like to be able to differentiate their product. They want
> interoperability in so far as it helps people move from rival products to
> their own, but not if it helps people go in the reverse direction, except
> that they cannot ignore user demands entirely.
>
> Things like a "better" string library which break compatibility with
> virtually every program written in standard C are a dream for a compiler
> vendor. They are good for the customer only if the benefits of the library
> outweigh all the costs. Sometimes this may be the case, for instance if you
> only write software for Microsoft operating systems, or if efficiency in
> string handling is paramount. Often, however, the vendor is the one who is
> winning.

You misunderstood the problem, Malcolm.

This is about a STANDARD string library precisely, not tied to a single
vendor.

Microsoft proposed a STANDARD library, i.e. proposed to agree with all
other compiler vendors in a common set of string functions.

Besides Microsoft, the CERT also worked in this direction. What I
am complaining about is that the committee refuses to publish a standard
string library that goes beyond the awful string functions that we
have in C.

With NO reason, just vague "market is not there" claims, that are
NOT backed up with an investigation of the market!
Jun 18 '06 #7

"jacob navia" <ja***@jacob.remcomp.fr> wrote in message
news:44*********************@news.orange.fr...
> Malcolm wrote:
>> "jacob navia" <ja***@jacob.remcomp.fr> wrote in message
>>> Interesting. The evolution of C is now "market driven". What counts,
>>> if I understand you correctly, is "market demand".
>>>
>>> This comes as a surprise to me since companies like Microsoft feel
>>> that it is worth spending time and money researching this string
>>> problem, and spending money in proposing alternatives.
>>>
>>> Of course I suppose that the standards committee has a better researched
>>> investigation of the market than Microsoft.
>>
>> Software companies want to sell versions of their particular compiler,
>> whilst programmers want tools that will help them do their jobs.
>>
>> From a programmer's point of view, a standard is usually a good thing. It
>> means that they know how a piece of software will work, that the same
>> software can be compiled by different compilers, that they don't have to
>> constantly learn new languages.
>>
>> The compiler vendor's attitude is a bit more ambivalent. If everyone
>> merely releases an ANSI standard C compiler, the cheapest one will win.
>> Marketing people like to be able to differentiate their product. They
>> want interoperability in so far as it helps people move from rival
>> products to their own, but not if it helps people go in the reverse
>> direction, except that they cannot ignore user demands entirely.
>>
>> Things like a "better" string library which break compatibility with
>> virtually every program written in standard C are a dream for a compiler
>> vendor. They are good for the customer only if the benefits of the
>> library outweigh all the costs. Sometimes this may be the case, for
>> instance if you only write software for Microsoft operating systems, or
>> if efficiency in string handling is paramount. Often, however, the vendor
>> is the one who is winning.
>
> You misunderstood the problem, Malcolm.
>
> This is about a STANDARD string library precisely, not tied to a single
> vendor.
>
> Microsoft proposed a STANDARD library, i.e. proposed to agree with all
> other compiler vendors in a common set of string functions.
>
> Besides Microsoft, the CERT also worked in this direction. What I
> am complaining about is that the committee refuses to publish a standard
> string library that goes beyond the awful string functions that we
> have in C.
>
> With NO reason, just vague "market is not there" claims, that are
> NOT backed up with an investigation of the market!

Really?
I've obviously misjudged them.
I'm a bit sour because I was investigating the possibility of a new PC to
run their new OS on in Beta. Microsoft Publisher retails at about 170
pounds. Everything else I can get for a reasonable price through the
university. Publisher I just need to do a few bits and pieces, but because
of some licensing agreement the university won't sell it to me. This is MS
all over - they charge absurd prices which virtually no one pays, and
everyone goes through irritating little hoops to make things work.

I simply assumed that the string library would be another conspiracy against
the community.
--
Buy my book 12 Common Atheist Arguments (refuted)
$1.25 download or $7.20 paper, available www.lulu.com/bgy1mm
Jun 18 '06 #8
