Re: Library Design, the script kiddie's nightmare.
- From: "f0dder" <f0dder_nospam@xxxxxxxxxxxxxxxx>
- Date: Sun, 18 Jun 2006 20:24:48 +0200
hutch-- wrote:
As you posted at the same time as I posted the example, look above
your post to see how to use the algo correctly.
By imposing an artificial limit instead of fixing the problem. Yay for
symptomatic treatments, too many doctors would be proud of you.
It's not hard to write code that breaks by misusing it; the procedure is
documented and the source code has been available since it was
written.
You haven't documented the flaw that leads to the buffer overflow exploit,
though.
I don't assume that programmers are as stupid as you try and make out
Sorry, the only "programmer" that's stupid here is you. If programmers
follow the documented interface of GetCL ("The buffer for the returned
argument should be set at 128 bytes in length which is the maximum
allowable."), they can STILL be fucked over by a user, because of YOUR bad
code. Nowhere is it documented that "the maximum command line length must be
128 bytes".
and if they are going to place a binary file in a context where a
hacker can get at it, they will also know enough to write whatever
protection around it they need.
One would hope so. But if they follow only the interface and documentation
(manually checking the source of a library really SHOULDN'T be necessary)
and decide to use GetCL in a CGI, well, *b00m*.
The next thing you never do is change an existing procedure once many
people have used it as it breaks some massive amount of code.
Wrong. You can fix the buffer overflow without changing the interface of the
routine. The only thing that would break would be people depending on the
buffer overflow.
When Jibz raised the issue some 6 years after it was written, in a
different environment where exploits were beginning to become common,
I published code similar to the above example because the technique
is very simple to perform and does the job correctly.
It limits you from parsing command lines longer than 128 bytes. What an
elegant fix. I guess you can't make heads or tails of your own spaghetti
crap? :)
The difference in terms of library design is your target when you
write a module, the entire masm32 Project is pointed at experienced
programmers as per its own web site and experienced programmers do not
want other people interfering with how they write their code or making
assumptions about their experience.
If only the masm32 library had been written by experienced programmers, then
:(
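The point under dispute, a fixed-size caller buffer with an unchecked copy and the choice between truncating inside the routine or capping the command line, is easier to see in code than in the exchange. The following is an added illustration in C written for this page; it is not masm32's GetCL (which is assembly) nor anything posted by hutch-- or f0dder. The argument-splitting rules (blanks separate, double quotes group), the return codes (0 no such argument, 1 ok, 2 truncated) and the 300-byte hostile argument are assumptions for the example; the 128-byte buffer size is the one the thread quotes from the documentation.

```c
/* Added illustration in C (masm32's GetCL is assembly; this is not its code).
 * Fetch argument `argnum` of a command line into a caller buffer documented
 * as 128 bytes: first in the overflow-prone form the thread argues about,
 * then bounded to that size without changing the call signature.
 * Splitting rules (blanks separate, double quotes group) and the return
 * codes (0 none, 1 ok, 2 truncated) are assumptions for this example. */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define GETCL_BUFSIZE 128        /* documented size of the caller's buffer */

/* Point at argument `argnum` (0 = program name) inside `cmdline` and
 * store its length in *len; return NULL if there is no such argument. */
static const char *find_arg(const char *cmdline, int argnum, size_t *len)
{
    const char *p = cmdline;
    for (;;) {
        while (*p == ' ' || *p == '\t') p++;
        if (*p == '\0') return NULL;
        const char *start;
        if (*p == '"') {                      /* quoted: run to closing quote */
            start = ++p;
            while (*p != '\0' && *p != '"') p++;
            *len = (size_t)(p - start);
            if (*p == '"') p++;
        } else {                              /* bare: run to next blank */
            start = p;
            while (*p != '\0' && *p != ' ' && *p != '\t') p++;
            *len = (size_t)(p - start);
        }
        if (argnum == 0) return start;
        argnum--;
    }
}

/* Overflow-prone form: assumes no argument exceeds the buffer. A user who
 * passes a 300-byte argument overwrites whatever follows `buf`. Kept only
 * for contrast; never call it on untrusted input. */
int getcl_unsafe(const char *cmdline, int argnum, char *buf)
{
    size_t n;
    const char *a = find_arg(cmdline, argnum, &n);
    if (a == NULL) { buf[0] = '\0'; return 0; }
    memcpy(buf, a, n);                        /* n is unchecked */
    buf[n] = '\0';
    return 1;
}

/* Bounded form: identical signature and 128-byte buffer contract, but the
 * copy is capped and the caller is told when the argument was cut. Callers
 * that followed the documentation keep working; only an over-long argument
 * now yields a truncated string instead of a smashed stack. */
int getcl_safe(const char *cmdline, int argnum, char *buf)
{
    size_t n;
    const char *a = find_arg(cmdline, argnum, &n);
    if (a == NULL) { buf[0] = '\0'; return 0; }
    int truncated = 0;
    if (n > GETCL_BUFSIZE - 1) { n = GETCL_BUFSIZE - 1; truncated = 1; }
    memcpy(buf, a, n);
    buf[n] = '\0';
    return truncated ? 2 : 1;
}

/* Constructed hostile input: a 300-byte second argument, the kind a remote
 * user could hand to a CGI. Returns the status code and the length that
 * actually landed in the 128-byte buffer. */
int demo_long_arg(int *copied_len)
{
    char cmdline[9 + 300 + 1];
    char buf[GETCL_BUFSIZE];
    memcpy(cmdline, "prog.exe ", 9);
    memset(cmdline + 9, 'A', 300);
    cmdline[9 + 300] = '\0';
    int status = getcl_safe(cmdline, 1, buf);
    *copied_len = (int)strlen(buf);
    return status;                            /* 2, with *copied_len == 127 */
}

int main(void)
{
    char buf[GETCL_BUFSIZE];
    int len, status;
    getcl_safe("prog.exe \"hello world\" -v", 1, buf);
    printf("arg 1 = [%s]\n", buf);            /* hello world */
    status = demo_long_arg(&len);
    printf("long arg: status %d, %d bytes copied\n", status, len);
    return 0;
}
```

The bounded form keeps the interface and the documented 128-byte buffer exactly as they were, so existing callers are unaffected; it changes behaviour only for input that previously corrupted memory. Capping the whole command line instead, as the thread's "fix" does, leaves the copy unchecked and simply hopes the cap is enforced everywhere the routine is reached.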
- References:
- Library Design, the script kiddie's nightmare.
- From: hutch--
- Re: Library Design, the script kiddie's nightmare.
- From: jukka@xxxxxxxxxxxx
- Re: Library Design, the script kiddie's nightmare.
- From: f0dder
- Re: Library Design, the script kiddie's nightmare.
- From: hutch--
- Re: Library Design, the script kiddie's nightmare.
- From: f0dder
- Re: Library Design, the script kiddie's nightmare.
- From: hutch--
- Library Design, the script kiddie's nightmare.