[prev in list] [next in list] [prev in thread] [next in thread] 

List:       quanta
Subject:    [Quanta] Help with Quanta+ code
From:       "Munawar Hafiz" <munawar.uiuc () gmail ! com>
Date:       2007-04-14 19:21:20
Message-ID: e67423f40704141221s432c1286u9079f95a56529c5c () mail ! gmail ! com
[Download RAW message or body]

[Attachment #2 (multipart/alternative)]


Hi,

I am a Ph.D. student at UIUC working with Professor Ralph Johnson. My
research interest is security and software architecture. At this point, I am
surveying existing software architecture for buffer overflow vulnerability
protection.

I need some help understanding the Quanta+ codebase. In particular I have
three questions.

1. Does the C/C++ code use the string library functions (strcpy, strcat,
gets etc)?

2. Or does it use some sort of buffer bounds checking, either by rewriting
the string library, or checking before every buffer operation?

3. Is the bounds checking available from the first release, or it has been
included in a subsequent release? How did the development team go about
making this change in the code?


Any information would be greatly appreciated. Thanks in advance.

Munawar Hafiz
UIUC
https://netfiles.uiuc.edu/mhafiz/www/

[Attachment #5 (text/html)]

<p>Hi,</p>
<p>I am a Ph.D. student at UIUC working with Professor Ralph Johnson. My research \
interest is security and software architecture. At this point, I am surveying \
existing software architecture for buffer overflow vulnerability protection.  </p>
<p>I need some help understanding the&nbsp;Quanta+ codebase. In particular I have \
three questions.</p> <p>1. Does the C/C++ code use the string library functions \
(strcpy, strcat, gets etc)? </p> <p>2. Or does it use some sort of buffer bounds \
checking, either by rewriting the string library, or checking before every buffer \
operation? </p> <p>3. Is the bounds checking available from the first release, or it \
has been included in a subsequent release? How did the development team go about \
making this change in the code?&nbsp; </p> <p><br>Any information would be greatly \
appreciated. Thanks in advance.</p> <p>Munawar Hafiz<br>UIUC<br><a \
href="https://netfiles.uiuc.edu/mhafiz/www/">https://netfiles.uiuc.edu/mhafiz/www/</a></p>




_______________________________________________
Quanta mailing list
Quanta@mail.kde.org
https://mail.kde.org/mailman/listinfo/quanta


[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic