KHB: Failure-oblivious computing
Posted Jul 4, 2006 8:42 UTC (Tue) by walterh
In reply to: KHB: Failure-oblivious computing
Parent article: KHB: Failure-oblivious computing
>> Who says that, say, clipping a buffer that
>> is being overrun by an attacker is a safe choice?
> If it is not, the program is severely broken in other way(s) as well,
> and this could be exploited without the buffer overrun in the first place;
> so what's your point?
My point is that clipping buffers is worse than just terminating the program -- and I gave examples why this is so. Your assertation that you can safely clip buffers is clearly wrong, as is it not hard to think about otherwise perfectly safe programs that get exploitable if you just clip a buffer somewhere.
to post comments)