Category Archives: Security

Undefined Behavior *Can* Format Your Drive

My last post mentioned the ‘standard’ risks of undefined behavior such as having your hard drive formatted or having nethack launched. I even added my own alliterative risk – singing sea shanties in Spanish. The list of consequences bothered some … Continue reading

Posted in Programming, Security | Tagged | 16 Comments

Buggy Security Guidance from Apple

In February 2014 Apple published their Secure Coding Guide. I glanced through it and noticed that their sample code for detecting integer overflow was buggy – it triggered undefined behavior, could be optimized away, and was thus unsafe to use. … Continue reading

Posted in Programming, Security | Tagged | 44 Comments