Hi there,
I come from a Visual C++ background. When writing a service that's
exposed to the Internet, I had to check the incoming data stream (from the
client) VERY carefully. If a hacker was able to overflow one of the memory
buffers in my app, he was then able to execute code of his choosing within
the security context of the service. This led to all sorts of precautionary
measures such as ensuring that the service ran in a low-access context,
checking and double-checking all the char[] buffers, etc.
In C#, certainly I can overflow a buffer:
char[] chars=new char[5];
chars[666]='c';
....but while an exception will be thrown, I shouldn't have to worry
about a hacker intentionally corrupting the call stack and executing his own
code, correct? Now certainly there might be OTHER vulnerabilities in my
service, but I just want to ensure that if my code is fully managed (no
unsafe code), I shouldn't have to worry about buffer overrun exploits...
As a secondary question, does MSFT have any plans to rewrite IIS using
..NET? IIS is, after all, the grandfather (or perhaps, great aunt) of the
buffer overrun error.
David
3  1909 
If your code is 100% managed code, you do not need to worry about buffer
overruns. You are on the safe side!
Only problem could be if there is a bug in the .NET VM itself, or in a non
managed component that your application may call.
You should be careful about infinite recursion. Normally, the VM should
throw a StackOverflowException in this case but there are cases where it
does not catch it early enough and where it crashes (does not contradict my
previous statement, this is a bug in the VM). This leaves a door open for
hackers (probably a difficult one to exploit but who knows).
Bruno.
"David Sworder" <ds******@cts.com> a écrit dans le message de
news:%2****************@TK2MSFTNGP12.phx.gbl... Hi there,
I come from a Visual C++ background. When writing a service that's
exposed to the Internet, I had to check the incoming data stream (from the
client) VERY carefully. If a hacker was able to overflow one of the memory
buffers in my app, he was then able to execute code of his choosing within
the security context of the service. This led to all sorts of
precautionary measures such as ensuring that the service ran in a low-access context,
checking and double-checking all the char[] buffers, etc.
In C#, certainly I can overflow a buffer:
char[] chars=new char[5];
chars[666]='c';
....but while an exception will be thrown, I shouldn't have to worry
about a hacker intentionally corrupting the call stack and executing his
own code, correct? Now certainly there might be OTHER vulnerabilities in my
service, but I just want to ensure that if my code is fully managed (no
unsafe code), I shouldn't have to worry about buffer overrun exploits...
As a secondary question, does MSFT have any plans to rewrite IIS using
.NET? IIS is, after all, the grandfather (or perhaps, great aunt) of the
buffer overrun error.
David
or something that MS wrapers, since its unmanaged code theyre wrapping isnt
it. Thats all the libraries are, wrappers to the unmanaged side.
"Bruno Jouhier [MVP]" <bj******@club-internet.fr> wrote in message
news:u5*************@TK2MSFTNGP11.phx.gbl... If your code is 100% managed code, you do not need to worry about buffer
overruns. You are on the safe side!
Only problem could be if there is a bug in the .NET VM itself, or in a non
managed component that your application may call.
You should be careful about infinite recursion. Normally, the VM should
throw a StackOverflowException in this case but there are cases where it
does not catch it early enough and where it crashes (does not contradict
my previous statement, this is a bug in the VM). This leaves a door open for
hackers (probably a difficult one to exploit but who knows).
Bruno.
"David Sworder" <ds******@cts.com> a écrit dans le message de
news:%2****************@TK2MSFTNGP12.phx.gbl... Hi there,
I come from a Visual C++ background. When writing a service that's
exposed to the Internet, I had to check the incoming data stream (from
the client) VERY carefully. If a hacker was able to overflow one of the
memory buffers in my app, he was then able to execute code of his choosing
within the security context of the service. This led to all sorts of
precautionary measures such as ensuring that the service ran in a low-access context,
checking and double-checking all the char[] buffers, etc.
In C#, certainly I can overflow a buffer:
char[] chars=new char[5];
chars[666]='c';
....but while an exception will be thrown, I shouldn't have to worry
about a hacker intentionally corrupting the call stack and executing his
own code, correct? Now certainly there might be OTHER vulnerabilities in my
service, but I just want to ensure that if my code is fully managed (no
unsafe code), I shouldn't have to worry about buffer overrun exploits...
As a secondary question, does MSFT have any plans to rewrite IIS
using .NET? IIS is, after all, the grandfather (or perhaps, great aunt) of the
buffer overrun error.
David
If all your code is verifiable code, then you don't have to worry about
buffer overruns in your code. If you use unsafe code in C#, you can end up
buffer overruns as you can in C++.
--
Eric Gunnerson
Visit the C# product team at http://www.csharp.net
Eric's blog is at http://blogs.gotdotnet.com/ericgu/
This posting is provided "AS IS" with no warranties, and confers no rights.
"Bruno Jouhier [MVP]" <bj******@club-internet.fr> wrote in message
news:u5*************@TK2MSFTNGP11.phx.gbl... If your code is 100% managed code, you do not need to worry about buffer
overruns. You are on the safe side!
Only problem could be if there is a bug in the .NET VM itself, or in a non
managed component that your application may call.
You should be careful about infinite recursion. Normally, the VM should
throw a StackOverflowException in this case but there are cases where it
does not catch it early enough and where it crashes (does not contradict
my previous statement, this is a bug in the VM). This leaves a door open for
hackers (probably a difficult one to exploit but who knows).
Bruno.
"David Sworder" <ds******@cts.com> a écrit dans le message de
news:%2****************@TK2MSFTNGP12.phx.gbl... Hi there,
I come from a Visual C++ background. When writing a service that's
exposed to the Internet, I had to check the incoming data stream (from
the client) VERY carefully. If a hacker was able to overflow one of the
memory buffers in my app, he was then able to execute code of his choosing
within the security context of the service. This led to all sorts of
precautionary measures such as ensuring that the service ran in a low-access context,
checking and double-checking all the char[] buffers, etc.
In C#, certainly I can overflow a buffer:
char[] chars=new char[5];
chars[666]='c';
....but while an exception will be thrown, I shouldn't have to worry
about a hacker intentionally corrupting the call stack and executing his
own code, correct? Now certainly there might be OTHER vulnerabilities in my
service, but I just want to ensure that if my code is fully managed (no
unsafe code), I shouldn't have to worry about buffer overrun exploits...
As a secondary question, does MSFT have any plans to rewrite IIS
using .NET? IIS is, after all, the grandfather (or perhaps, great aunt) of the
buffer overrun error.
David
This thread has been closed and replies have been disabled. Please start a new discussion. Similar topics
by: inkapyrite |
last post by:
Hi all. I'm using ifstream to read from a named pipe but
i've encountered an annoying problem. For some reason, the
program blocks on reading an ifstream's internal buffer that's
only half-filled....
|
by: Sathyaish |
last post by:
I noticed that gets() reads into the buffer even if the you've not
allocated enough memory. For instance, if you do:
char *str=(char*)malloc(sizeof(char));
printf("Enter something about...
|
by: David Sworder |
last post by:
Hi there,
I come from a Visual C++ background. When writing a service that's
exposed to the Internet, I had to check the incoming data stream (from the
client) VERY carefully. If a hacker was...
|
by: John Hensley |
last post by:
There are a couple of bugs in the atlpath.h file that ships with
DevStudio 2003 and DevStudio 2005 Beta 1 & 2. These bugs result in
buffer overrun and memory corruption problems. After...
|
by: Martin Eisenberg |
last post by:
Hi,
If I want to terminate a program upon finding that sprintf has
overrun its output buffer, should I prefer exit or abort from
cstdlib? Thanks.
Martin
--
|
by: Lonewolf |
last post by:
Hi
I'm faced with a very pesky problem. I have a managed assembly done in
C++/CLI which interface to native C++ codes, and a C# app which consumes
this assembly. I realize that when both the app...
|
by: Anthony Baxter |
last post by:
SECURITY ADVISORY
Buffer overrun in repr() for UCS-4 encoded unicode strings
http://www.python.org/news/security/PSF-2006-001/
Advisory ID: PSF-2006-001
Issue Date: October 12, 2006...
|
by: Nico |
last post by:
Where can I get it? I am a new comer here, I need your help.
|
by: Xah Lee |
last post by:
http://xahlee.org/emacs/modernization.html
]
The Modernization of Emacs
----------------------------------------
THE PROBLEM
Emacs is a great editor. It is perhaps the most powerful and...
|
by: raashid bhatt |
last post by:
#include <stdio.h>
#include <string.h>
#include <stdlib.h>
void func(char *p)
{
char i;
strcpy(i, p);
}
|
by: Charles Arthur |
last post by:
How do i turn on java script on a villaon, callus and itel keypad mobile phone
|
by: emmanuelkatto |
last post by:
Hi All, I am Emmanuel katto from Uganda. I want to ask what challenges you've faced while migrating a website to cloud.
Please let me know.
Thanks!
Emmanuel
|
by: BarryA |
last post by:
What are the essential steps and strategies outlined in the Data Structures and Algorithms (DSA) roadmap for aspiring data scientists? How can individuals effectively utilize this roadmap to progress...
|
by: nemocccc |
last post by:
hello, everyone, I want to develop a software for my android phone for daily needs, any suggestions?
|
by: Hystou |
last post by:
There are some requirements for setting up RAID:
1. The motherboard and BIOS support RAID configuration.
2. The motherboard has 2 or more available SATA protocol SSD/HDD slots (including MSATA, M.2...
|
by: Oralloy |
last post by:
Hello folks,
I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>".
The problem is that using the GNU compilers,...
|
by: Hystou |
last post by:
Overview:
Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
|
by: tracyyun |
last post by:
Dear forum friends,
With the development of smart home technology, a variety of wireless communication protocols have appeared on the market, such as Zigbee, Z-Wave, Wi-Fi, Bluetooth, etc. Each...
|
by: agi2029 |
last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
| |
