Secure Code - Are Buffer Overruns a VB.NET Issue Too? 
Author Message
 Secure Code - Are Buffer Overruns a VB.NET Issue Too?

I've been reading articles of late about secure code techniques.  The buffer
over-run problem invariably takes a prominent position in these discussions,
however all the code samples I've seen are in C++.

This leads me to ask the question, is the problem something that is specific
to the way C++ functions, or does it have it's VB.NET counterpart?

The samples I've seen look like nothing I've ever come across within VB (of
course, that's not saying too much ;-)

Thanks.....

--
Phil
New Zealand (Aotearoa)



Sat, 17 Sep 2005 07:58:03 GMT  
 Secure Code - Are Buffer Overruns a VB.NET Issue Too?
Hi, Phil

The buffer overflow trick should not work on any app based on managed code
and the CLR.  The CLR handles all exceptions and cannot be tricked the way
unmanaged code can.  There may be things that can be done to managed code,
but I haven't heard about any as yet.

HTH,

John Eikanger
Microsoft Visual Basic Team

This posting is provided AS IS with no warranties, and confers no rights.
(c) 2003 Microsoft Corporation.  All rights reserved.
--------------------

| Subject: Secure Code - Are Buffer Overruns a VB.NET Issue Too?
| Date: Tue, 1 Apr 2003 11:58:03 +1200
| Lines: 21
| X-Tomcat-NG: microsoft.public.dotnet.languages.vb
|
| I've been reading articles of late about secure code techniques.  The
buffer
| over-run problem invariably takes a prominent position in these
discussions,
| however all the code samples I've seen are in C++.
|
| This leads me to ask the question, is the problem something that is
specific
| to the way C++ functions, or does it have it's VB.NET counterpart?
|
| The samples I've seen look like nothing I've ever come across within VB
(of
| course, that's not saying too much ;-)
|
| Thanks.....
|
| --
| Phil
| New Zealand (Aotearoa)
|
|
|
|
|
|
|



Sun, 18 Sep 2005 07:57:36 GMT  
 Secure Code - Are Buffer Overruns a VB.NET Issue Too?
Great, that makes sense.  Thanks for clarifying that John.

--
Phil
New Zealand (Aotearoa)



Quote:
> Hi, Phil

> The buffer overflow trick should not work on any app based on managed code
> and the CLR.  The CLR handles all exceptions and cannot be tricked the way
> unmanaged code can.  There may be things that can be done to managed code,
> but I haven't heard about any as yet.

> HTH,

> John Eikanger
> Microsoft Visual Basic Team

> This posting is provided "AS IS" with no warranties, and confers no
rights.
> (c) 2003 Microsoft Corporation.  All rights reserved.



Sun, 18 Sep 2005 09:32:02 GMT  
 
 [ 3 post ] 

 Relevant Pages 

1. FileLen calculation results in buffer overrun error

2. Buffer overrun on UDP socket

3. I am learning VB.NET and am wondering....

4. i am using vb.net and crystal reports for visual studio.net

5. ASP .Net using VB .Net Speed issue

6. vb.net code transform to asp.net code?

7. International Issues - Locale Code Page Vs. VB Code Page

8. I am writing a book about VB .NET, and I need your help you

9. Unable to open VB Code Win after Securing DB

10. Securing VB code?

11. Screen Buffer issue in Telnet App

12. Secure VB & SQL Server 2000 code

 

 
Powered by phpBB® Forum Software