[Dclug] security jitters, or can Type Safety save me
Rob Sherwood
capveg at cs.umd.edu
Thu Jan 24 13:10:03 EST 2008
On Thu, Jan 24, 2008 at 10:05:39AM -0800, Kristian Erik Hermansen wrote:
> On Jan 24, 2008 9:47 AM, DonJr <djr1952 at hotpop.com> wrote:
> > Type Safety or Type Casting (two different things) are in no way going
> > to help prevent a program from overflowing a buffer.
>
> Yes, agreed. Especially in C, where perhaps you craft some
> interesting malloc + integer overflow condition...
Check out CQual - a tool for adding type qualifiers to C
http://www.cs.umd.edu/~jfoster/cqual/
- Rob
.
More information about the Dclug
mailing list