[Vortex] Safe string functions
Francis Brosnan Blazquez
francis at aspl.es
Wed Apr 16 16:40:48 CEST 2008
> Hi, well, I think this topic is like "which programming language is
> best?". Nevertheless I think code safty comes from using and
> integrating a
> lot of different aspects.
> Well, a regression test can only show the presence of a problem never
> absence. ;-) Same for leak detection.
Right. However, there is no effective solution to this issue unless you
pay as much attention you can to write as much tests as possible.
> My point is, that submitting wrong formed meseages etc. can result in
> being executed that shouldn't. IMO using managed strings can reduce
> risk by a magnitude.
I don't think so. In fact, some of the most robust and secure systems
available are written without using managed strings.
> However, just wanted to note that in these times this is a critical
> to take care about.
You are right; this is an issue and we care about it.
This is software, something done by humans, which makes it far from be
perfect. What we can do is to assume it is not perfect and take our time
to write good code and check it in a serious way as much as possible, as
it is done by other respectable projects that are recognized as secure.
Francis Brosnan Blazquez <francis at aspl.es>
Advanced Software Production Line, S.L.
More information about the Vortex