Browser Fun

Programmers are often lazy, or in a big hurry. We are often so pleased that the program works that we don't care how well we implemented it. Input validity checks are forgotten or ignored: we'll get to them later.

It is easy to forget (if it was ever learned) that the language C is unsafe. There are no nets, and many programs walk that tightrope ("work") without concern for the concrete below.

You run and rely upon such software all the time. Remote file systems, web servers, network daemons, and even kernels make assumptions about their input that they don't verify.

The most common error: use of strcpy without checking the input string length. If the string is too long, it is possible to overwrite the stack of the running program. If it is done just right, the string-provider can install and execute instructions on the receiver. This is the famous "gets" bug that fingerd had and the Morris worm utilized. A popular web server had it, too. (It's surprising a worm wasn't written to exploit it.)
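The unchecked copy described above, next to a version that checks the length first. This is an added example, not code from the original page or from any of the programs it mentions; the struct, the function names and the 32-byte field size are assumptions made up for illustration.

```c
#include <stdio.h>
#include <string.h>

#define USER_LEN 32   /* constructed field size, not from the page */

struct request {
    char user[USER_LEN];
};

/* The error the text describes: strcpy trusts the sender to keep the
 * string short. Input of USER_LEN bytes or more writes past r->user
 * into whatever sits next to it (on the stack, if r is a local). */
void set_user_unchecked(struct request *r, const char *input)
{
    strcpy(r->user, input);
}

/* Checked version: look for the terminator within the first USER_LEN
 * bytes. If it is not there the input cannot fit, and it is rejected
 * rather than silently truncated. r is left untouched on failure. */
int set_user_checked(struct request *r, const char *input)
{
    size_t len = 0;

    while (len < USER_LEN && input[len] != '\0')
        len++;
    if (len == USER_LEN)
        return -1;                      /* no room for the NUL */
    memcpy(r->user, input, len + 1);    /* copy string plus its NUL */
    return 0;
}

int main(void)
{
    struct request r = { "" };          /* lives on main's stack */
    char too_long[4 * USER_LEN];        /* constructed oversized input */

    memset(too_long, 'A', sizeof too_long - 1);
    too_long[sizeof too_long - 1] = '\0';

    printf("short input: %d\n", set_user_checked(&r, "alice"));
    printf("long input:  %d\n", set_user_checked(&r, too_long));
    printf("stored user: %s\n", r.user);
    return 0;
}
```

The unchecked function is shown for comparison only and is never called here.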

This bug will appear again. Programmers constantly make the same mistakes.

So, click here if you love browsing software.

Thanks to Ray Cromwell and Tom Limoncelli for the URL.