Top 25 coding errors

Posted: Tue Jan 13, 2009 10:10 am
by LMN
Hi,

If you didn't notice it by now:

http://www.sans.org/top25errors/

I personally think input validation is most critical. What do you think?

Regards,
LMN

Re: Top 25 coding errors

Posted: Tue Jan 13, 2009 3:40 pm
by JohnnyTheDon
LMN wrote:
I personally think input validation is most critical. What do you think?
It definitely is. As a close (and related) second, I would have to pick buffer overflows. They're potent little bastards when pulled off correctly.

Re: Top 25 coding errors

Posted: Tue Jan 13, 2009 10:43 pm
by Firestryke31
JohnnyTheDon wrote:
It definitely is. As a close (and related) second, I would have to pick buffer overflows. They're potent little bastards when pulled off correctly.
I remember reading about a 420 (approx.) byte virus that nearly shut down the internet for about 15 minutes by using a buffer overflow error in some MS server software. Of course, IIRC this happened when most of the people in the affected regions were asleep, so it wasn't as bad as it could have been.

I wish I could remember where I read it, because they gave an opcode by opcode dissection of the source of the virus, which was cool.