Linked by Eugenia Loli-Queru on Mon 5th Dec 2005 05:39 UTC
Strings - such as command-line arguments, environment variables, and console input - are of special concern in secure programming because they comprise most of the data exchanged between an end user and a software system. This chapter covers the security issues with strings and how you can sidestep them.
Thread beginning with comment 68928
To view parent comment, click here.
To read all comments associated with this story, please click here.
To view parent comment, click here.
To read all comments associated with this story, please click here.
Recent Original Stories
Recent Comments
Headlines
Random Comments
Random Stories
Random OS Link
Member since:
2005-06-30
Completely agree with you., with an exception. In my opinion, system programmers writing low-level routines (kernel, drivers) should have the burden to make these checks since they should know what they are doing. The 2 or 3% of CPU does matter since performance is an issue. Sure, it isn't that much, but I hate the current trend making new computers not much faster than older ones because of that philosophy.
But you're right for normal programs. These checks are a waste of time. I am doing C++ but I am seriously investigating other languages that are less bitchy with that kind of stuff.