asdasd

22july2013 said:

I recall seeing articles on AI years ago that some vendors count sales when a phone is transferred from the manufacturer to the retailer, even if the retailer never gets it into the hands of a consumer. Is this still the case, and is that how we need to read these stats?

auxio said:

asdasd said:

dewme said:

JustSomeGuy1 said:

asdasd said:

auxio said:

Given how long these tools have been around (40+ years in some cases), how relatively simple the code is compared to modern software, and the fact that they're used in server environments, I'm very surprised they haven't been fully security audited by now.

They aren’t that simple. That’s the problem. They are written in unsafe languages like C and C++ where memory management was up to the code writer. 

True. Though the problem in sudo is considerably more tricky than just a typical use-after-free or similar. Read the original post about the exploit.

Actually, it looks like this exploit takes advantage of vulnerabilities in C stdin processing. This underlying functionality is traceable all the way back to the earliest version of C that most C programmers learned from their trusty and very thin K&R language reference. Over the decades more and more functionality has been layered on top of these “primitive” functions, including the fundamental operation of web servers. 

The real issue imho is that while a lot of underlying legacy code has a long and time tested verification of proper functionality, the code was not designed and has not been updated with sufficient consideration for the existential security threats that have evolved over time. 

Yes, so something like this: 

 char filename[512];

...
filename = getPath(....)

This works until there is a change in the operating system to allow filenames longer than 512, then it is a vulnerability at worst or a crash. Probably something like this happened for the stdln . I don't think these old codebases can be easily updated to handle reference counting.

No, these old UNIX tools don't use C++ since it was only in its inception when they were created.  Not to mention the extra memory overhead made it a non-starter at that time.

As for your example, that's a buffer overflow attack vector.  It's pretty much the top item on the list for security audits: checking all sources of input for possible buffer overflows (or invalid data which could lead to a buffer overflow when parsing it).

As for memory management and an ownership model, see the system Apple uses in their low level C APIs (Core Foundation).

auxio said:

Given how long these tools have been around (40+ years in some cases), how relatively simple the code is compared to modern software, and the fact that they're used in server environments, I'm very surprised they haven't been fully security audited by now.

MacPro said:

If it said rain in England every time, it would be right 90% of the time