problems/risks due to programming language, stories requested
Gerald Baumgartner
gb at cs.purdue.EDU
Wed Feb 21 09:28:57 AEST 1990
For a research project I am collecting information about the risk of
choosing the wrong programming language. In particular I am looking
for problems that could have been avoided if another (a better)
programming language would have been used.
I know of these three such stories:
1. There is the famous story that a Mariner probe got lost
because of the Fortran statement `DO 3 I = 1.3' (1.3 instead
of 1,3) (see Peter Neumann: A Few Old War Stories Reappear.
ACM SIGSOFT 11(5), Oct. 1986, pp. 16-18). It is a nice story
but, as far as I know, NASA used Jovial at that time and not
Fortran.
2. One of the security holes the Internet Worm took advantage of
was in fingerd (the finger deamon). The deamon uses the gets
routine for input. This routine, written in C, reads input
without checking for bounds on the buffer involved. By
overrunning the buffer, the worm rewrote the stack frame (see
Eugene H. Spafford: Crisis and Aftermath. Communications of
the ACM 32(6), June 1989).
There would be no security hole in the finger daemon if a
programming language would have been used for the I/O
routines, where the compiler takes care of boundary checks for
arrays. Pascal doesn't work since variable length strings are
needed, but Ada would be fine. A language a la ML, where these
checks are done at compile time, would be even better.
3. The AT&T breakdown a month ago was caused by a break statement
in C. See the following mail (multiple forwarding headers deleted):
Subject: AT&T software problem
Subject: Cautionary note on C programming...AT&T learns from experience
>From: kent at wsl.dec.com
Subj: I've always thought C looked like line noise.
Subj: the bug
Subj: AT&T's bug, for you C users out there...
Subj: I C what they mean!
Subj: "c" considered dangerous to telephones
Subj: Be careful from where you break! (else no long distance calls will make it thru...)
Subj: C switch breaks AT&T switches!
Subj: your "c users" list might appreciate this....
I received the following on AT&T's famous bug (and have deleted multiple
forwarding headers):
| | Subject: AT&T Bug
| | Date: Fri Jan 19 12:18:33 1990
| |
| | This is the bug that cause the AT&T breakdown
| | the other day (no, it wasn't an MCI virus):
| |
| | In the switching software (written in C), there was a long
| | "do . . . while" construct, which contained
| | a "switch" statement, which contained
| | an "if" clause, which contained a
| | "break," which was intended for
| | the "if" clause, but instead broke from
| | the "switch" statement.
| |
Again it looks like this bug wouldn't have occurred in another
programming language.
You C what I mean? Do you know other stories like these, if possible
with references? I don't want to praise Ada or pick at C and Fortran;
I am looking for any story where a proveably inappropriate/insecure
programming language has been used.
Gerald Baumgartner gb at cs.purdue.edu ...!{decwrl,gatech,ucbvax}!purdue!gb
More information about the Comp.lang.c
mailing list