
greg555

macrumors 6502a
Original poster
Mar 24, 2005
644
8
Canada
I'm not a programmer but I'm wondering why we still have security holes in various products due to buffer overflow. I would have thought that there would be linting tools that could check all of a program's interfaces and flag any that don't handle oversized input properly.

Is the problem that companies don't check, or that such tools don't exist, or some other reason?

Just curious - Greg
 

kpua

macrumors 6502
Jul 25, 2006
294
0
It's a lot more complicated than you think. There are no tools out there that will automatically find every possible buffer overflow in a particular code base. It can happen in a lot of really subtle ways.

Also, I'm not aware of any tools that do any sort of checking of known causes for OSX. There is a feature in Leopard, however, that lets you test your own program for buffer overflow. They're called "stack canaries".

And finally, companies do check for them, but it's harder to be proactive in searching for them one by one among millions of lines of code. It's more typical for such holes to be fixed only when they've been discovered by outsiders and perhaps exploited. It's just a simple lack of man-hours most of the time.
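
One illustration of the "subtle ways" mentioned in the reply above, added here as an example and not part of the thread: a bounds check that looks correct to a reader and to a simple lint pass, yet accepts a negative length, shown beside a hardened copy routine. The names `NAME_CAP`, `flawed_check_passes`, `effective_copy_size` and `copy_name`, and the sample input, are constructed for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_CAP 16  /* hypothetical maximum name length */

/* Flawed bounds check: 'len' is signed, so a negative value passes the
 * comparison even though it is not a valid length. */
int flawed_check_passes(int len) {
    return len <= NAME_CAP;
}

/* The size memcpy() would actually be asked to copy once the signed
 * length is implicitly converted to size_t. */
size_t effective_copy_size(int len) {
    return (size_t)len;
}

/* Hardened copy: lengths are unsigned, the claimed length is checked
 * against both the destination capacity and the bytes really available,
 * and the destination keeps room for the NUL. Returns 0 or -1. */
int copy_name(char dst[NAME_CAP + 1], const uint8_t *src,
              size_t src_len, size_t claimed_len) {
    if (claimed_len > (size_t)NAME_CAP || claimed_len > src_len)
        return -1;
    memcpy(dst, src, claimed_len);
    dst[claimed_len] = '\0';
    return 0;
}

int main(void) {
    /* Constructed sample input, not taken from the thread. */
    const uint8_t input[] = "greg";
    char name[NAME_CAP + 1];

    printf("flawed check accepts -1: %d (copy size would be %zu)\n",
           flawed_check_passes(-1), effective_copy_size(-1));
    printf("hardened, claimed 4:   %d\n", copy_name(name, input, 4, 4));
    printf("hardened, claimed 200: %d\n", copy_name(name, input, 4, 200));
    return 0;
}
```

The flawed check contains a comparison against the buffer size, which is why pattern-based tools tend to pass it; the defect is in the type of the length, not in a missing check.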
 